Reading through the Privacy Policy, I have some concerns.

Under "Usage Information":

> We may collect information about: how you communicate with those Wavers, such as their names, the time and date of your communications...

I know you're not storing the actual messages (in plain text at least), but I don't like the idea that you're storing who I'm talking to.

Under "Information Provided By Third Parties":

> - Advertisers may let us know you installed a new app or games so we can determine whether we showed you an ad for it.

> - If you interact with one of our advertisers, they may share information with us to help target or measure the performance of ads.

> - If another user uploads their contact list, we may combine information from the user's contact list with other information we have collected about you.

That's too much profiling for my liking.

In the end, even though the messages are "private", I don't feel that this app is taking my _privacy_ seriously.

Otherwise, I like the design, the UI and the idea. We need more competitors in this space. I do desire a web version of any message platform I use. It makes it easier for me to communicate throughout the day.

Hi!

Thank you for your feedback.

Presently, Wave (^‿^)ﾉ is privately funded and in no way supported by any advertising revenue.

The information that you made reference to was included as a precaution should some future involvement come to fruition.

Please bear in mind that this project was made by an individual. Your feedback regarding encryption / clauses in the terms of service / privacy policy are greatly appreciated as they serve as guidance on which areas can be changed or improved upon.

Thank you.

Norwegian eight digit numbers are not possible to submit in the signup form. Strange that they need the phone number for an “anonymous “ messaging device.

Hi Aleken, Wave (^‿^)ﾉ has been updated to support numbers from 7 digits upwards.

Hi! Wave (^‿^)ﾉ does not support numbers less than 9 digits. Support for numbers with 8 digits or less will be added in the very near future.

Thank you for your feedback.

How do you "optimize" for numbers with 8 digits? Sounds intriguing... /s

Edit: comment has been made obsolete due to edit of parent comment

How do you edit a comment?

You click on the "edit" link above your comment.

Thanks!

Wow Marc, thanks!

Hey HN, Wave (^‿^)ﾉ is privacy-focused instant messenger designed to keep the nature of conversation fun and fleeting.

No other messaging platform offers complete messaging peace of mind by being totally anonymous.

The app offers two message types: WaveFlash: 10 words or less - message displayed word-by-word rapidly. WaveLength: 1000 characters or less - tap anywhere to close the message when read.

Ask me anything here!

Features:

↩ Send and receive messages in one place. No chat lists. Messages are secured in capsules that have to be manually opened to be read. Any unread message can be unsent without notifying the receiver. Messages are displayed without showing the sender’s name. All messages can be viewed once only. Messages are end-to-end encrypted. Quick reply by swiping sent/received message capsules inwards. Custom contact names for any chat

What sort of usage/user are you going after?

I feel like I couldn't use this for serious messaging (things closer to email), but also that it's too limiting for my frequent communication with my partner and close friends or family. There are elements of Snapchat in this, but my impression of Snapchat was that the success was in large part because the pressure of crafting a great photo for FB/IG was lessened. Do people have that anxiety with text? I'm not sure.

Hi!

The original idea was to have short messages that disappear after being read so that people only send you relevant details.

I want to add more features and more way to communicate in the future.

The fact that it doesn't tell you when someone is typing and you don't get notified when someone unsends a message reduced a lot of anxiety.

Sorry if I wasn't clear, I was more asking who is your target user? What problem are they trying to solve with this? How does this app better suit them than your competitors?

Hey Dan,

I'll try my best to answer your questions.

The target user is anyone who wants to communicate without worrying about message permanence or risk being tied to the message they sent.

The sender's details are not included when a message is viewed making the app screenshot friendly. Screen recording won't get you very far either.

Coincidentally, the way in which the app was designed solves many privacy concerns highlighted in Zuckerberg's privacy manifesto - https://www.facebook.com/notes/mark-zuckerberg/a-privacy-foc...

If the details are important, wouldn't it be better to have them not disappear?

*relevant details ;)

> Any unread message can be unsent without notifying the receiver.

So you can test whether the recipient read your message by simply sending+unsending the message until you can't unsend anymore? :)

I'm not sure I fully understand the question but you the only limitation to the unsend feature is the message being 'read'. You can send and unsend as many times as you like.

They're asking if the unsend feature exposes whether the message has been read..... but I can see in the screenshots that there's a 'read' indicator anyway, isn't there? So it was a ignorant question and I wouldn't worry about it.

Yes! This is correct.

Thank you.

One thing I like about Viber a lot is their secret chats where you can set the time limit and messages self-destruct when that time passes. I wish other clients had that too.

Hi!

This approaches private chats in a unique way. Messages can be viewed once only. Unsend any unread message without notifying the receiver.

Viber won't protect you from screenshots.

Any plans to make this for android?

Hi! An Android version is on the horizon. Thank you for your feedback.

Is this end-to-end encrypted? The store page says

> Messages encrypted using a combination of 256-bit symmetric AES encryption.

The app utilises AES encryption method using this library: https://github.com/RNCryptor/RNCryptor.

Is the encryption end to end, or is the key known to the server?

Seems like there is a "password" required to encrypt/decrypt but the app's descriptions says:

> - No Sign Up / Log In / Usernames / Passwords.

So I'm guessing this password is stored server-side and the passwords are associated to device ids.

Seems like it would read your contacts and then send them to their servers too, not a fan of doing that personally.

I'm not sure why the app mentions encryption/security as it seems far from being the main point of the app.

Messages sent on the app are end-to-end encrypted and the key is not known to the server. The only way anybody can read your messages is if you allow them physical access to your phone.

Any additional details on how encryption and key generation scheme looks like?

Or, more importantly, how does key exchange work? You can’t really claim to be totally anonymous without explaining these details.

How does key exchange work, and does the server have copies of the keys?

You can find more info on key exchange here - https://github.com/RNCryptor/RNCryptor.

The server does not have copies.

No, you really can’t. That’s a library for symmetric cryptography. The key distribution/exchange problem cannot be solved with symmetric cryptography alone - unless you are acting as a trusted party and conveying the symmetric key - in which case you are not implementing end-to-end cryptography.

Thanks for the answer! The app looks really nice. Will try it :)

Thanks! Let me know if you have any questions.

P.S. Get a friend to download it as well as it requires both parties to have each other contacts saved and the app installed in order to send / receive messages.

In other words you have to harvest the parties' contact lists in order to do this matching?

We require access to your contacts. We do not harvest.

Could you explain the difference, in your own words?

The most obvious way I see to support this feature is to build up a big table of contact connections, so that when I join and put in my phone number it can send up my list of contacts and find all the bidirectional connections to what's already in the database.

This means you're building up a big graph of how all your users are connected to each other, and to people who don't use Wave (yet). Is that not 'harvesting' the contacts? Do you do it a different way?

The app requires an active number in order to use the service. This number is submitted to the database during the verification process. To my knowledge, mthere is no way around this.

To send and receive messages, the app needs access to your contacts. When you tap 'send' for the first time, the app will ask you for permission to access your address book.

Ugh, I hate everything about this. They claim to be privacy focused but collect metadata for ads.

The app appears to have 15 fake 5 star reviews that don't at all accurately review the app as an ephemeral messaging platform. One compares it to Whatsapp.

there is no website explaining how this app works.

they're forcing users to provide a phone number for no discernable reason.

Hey buddy!

Regarding your privacy concerns, the way in which it is designed makes messaging private. All communication is also end-to-end encrypted.

No metadata collected other than what development platform requires for basic analytics.

There is absolutely advertising.

The reviews are fake...?

Most messaging apps require a phone number.

The app works the same way as Whatsapp does. Both users needs each other saved in their address book and both users need the app installed.

It was designed to be very user-friendly and simple.

Hope this in someway alleviates your frustrations.

(^‿^)ﾉ

&ref=producthunt ?

They got the link from product hunt who adds that, the mods should likely remove that part of the link.

Google's not defending the Wave trademark?

They don't own Wave anymore.[0]

[0] https://incubator.apache.org/projects/wave.html

The alive and kicking "Google" Wave?

*Wave (^‿^)ﾉ

how does this compare to signal/imessage?

It would be great if you expanded on _why_ it's different.

The most notable difference is messages being stored inside capsules.

This means that you have to open a message to read it. You can only view it once. When displayed, messages do not include the senders name.

The link to the app wasn't submitted by the developer.

RIP Google Wave -- you were ahead of your time.

Unfortunately no iOS in this household to try it out so best of luck to the new Wave. :)