Security Architecture
Your privacy is not a feature — it's the foundation. Here's exactly how we keep your data safe.
Client-Side Only
All image processing runs in your browser via WebAssembly (WASM). No image bytes ever leave your device.
One-Way Hash
PDQ hash is a mathematical fingerprint. It is computationally impossible to reconstruct your image from the hash.
Encrypted Storage
All hashes stored in our database are encrypted at rest (AES-256) and in transit (TLS 1.3).
How PDQ Hashing Works
We use PDQ (Photo DNA for Quicker detection), an algorithm developed by Meta and widely deployed by major platforms to detect CSAM and NCII.
PDQ works by converting an image into a 256-bit binary fingerprint based on visual patterns. Two images that look visually identical (even after minor edits like color shifts or slight crops) will produce very similar hashes.
When a platform tries to upload an image, it hashes it using PDQ and compares against our database. If the Hamming distance (similarity score) is below a threshold, the upload is blocked.
Example: What gets stored
hash: "f8c47b3a9d56e201..."
case_id: "RH-XK7LM9P"
timestamp: "2025-02-28T..."
# No image data. Never.
Open Source & Auditable
Our entire codebase is open-source. You or any security researcher can audit exactly what the code does with your images. We publish all security audits publicly.
View on GitHub →