Hide Secrets
Inside Ordinary Images.PREMIUM
Embed AES-256-GCM encrypted messages inside any photo. Share it anywhere. The image looks completely ordinary. Only City of Hats Premium can decrypt what's inside.
See GhostFrame in Action
Watch how to hide an encrypted message inside an ordinary image — and decode it on the other end. Invisible to anyone without City of Hats.
- Pick any photo from your gallery as a carrier image
- Type your secret message and encrypt it inside the image
- Share the image anywhere — WhatsApp, email, social media
- Only the recipient with City of Hats can decode it
Hide messages inside ordinary images.
GhostFrame uses steganography to embed encrypted messages within photos. Share a normal-looking image that secretly carries your confidential content — invisible to anyone who does not have the key.
- Embed text or data inside any photo — the image looks completely normal
- PIN-protected decoding — only the intended recipient can extract the message
- Invisible to detection — no visual difference between original and encoded image
- Steganographic encoding — data is woven into pixel values, not metadata
- Share anywhere — send the image through any channel, only City of Hats can decode it
Discreet Transport. Proven Encryption.
GhostFrame combines image steganography with AES-256-GCM encryption and a hybrid token architecture — designed to remain intact across common image-sharing platforms.
AES-256-GCM Encryption
Every message is encrypted client-side with AES-256-GCM before embedding. The encryption key is derived locally and never touches our servers.
AES-256-GCMHybrid Token Architecture
A small token is embedded in the image pixels. The encrypted payload is stored separately on our servers. This hybrid approach remains intact across WhatsApp, LINE, and other image-sharing platforms.
STEGANOGRAPHYBurn-After-Read Lifecycle
Set your GhostFrame to self-destruct after first read, after a set number of retrievals, on a time delay, or after a countdown timer. Once burned, the payload is permanently deleted.
EPHEMERALAccess Control
Choose who can decrypt: anyone with City of Hats Premium, or lock it to a specific Hat identity. Without the right permissions, the image looks like any ordinary photo.
RECIPIENT-LOCKEDFour Steps to Invisible Communication
From import to decode — the entire process happens client-side. Your plaintext never touches our servers.
Import Image
Pick any photo from your camera roll, Google Photos, or local files. Any standard image format works.
Compose & Encrypt
Write your secret message. AES-256-GCM encrypts it client-side. Set lifecycle rules — burn-after-read, time-lock, auto-destroy.
Embed & Share
The encrypted token is embedded into the image pixels. Share the image normally — email, Dropbox, WhatsApp, anywhere.
Decode & Burn
The recipient imports the image into City of Hats. The token retrieves and decrypts the message. Then it's gone.
🖼️ Image Pixel Layer
A small retrieval token — not the message itself — is embedded via LSB steganography. The image carries only the key to unlock, not the content.
☁️ Server-Side Vault
The full AES-256-GCM encrypted payload lives here with lifecycle rules. Zero-knowledge — we cannot read or access the content.
Who Uses GhostFrame?
When the channel itself needs to be invisible — not just encrypted.
Journalists & Sources
Receive sensitive documents and tipoffs hidden inside ordinary photos. No metadata trail, no suspicious file names — just a family photo that happens to contain classified information.
Financial Institutions
Share transaction approvals, compliance alerts, and sensitive financial data through images that look routine. Audit-ready with burn-after-read timers.
Legal Teams
Exchange privileged communications inside image attachments. Attorney-client privilege protected by steganography and AES-256-GCM — invisible to discovery tools.
High-Sensitivity Environments
Share confidential information through images in environments where standard encrypted channels draw attention. GhostFrame provides a discreet transport layer for sensitive operations.
Healthcare
Share HIPAA-sensitive patient data between practitioners without exposing it in email bodies or chat logs. Burn-after-read ensures zero retention.
Enterprise Security Teams
Distribute vulnerability disclosures, breach reports, and incident response instructions inside images. No one knows the image contains critical security data.
What GhostFrame Guarantees
Every architectural decision is designed to minimize exposure and prevent recovery after burn.
✓ Enforced by Architecture
- ✓ AES-256-GCM client-side encryption
- ✓ LSB steganography token embedding
- ✓ Hybrid architecture survives image compression
- ✓ Burn-after-read with server-side deletion
- ✓ Recipient-locked or Premium-gated access
- ✓ Time-lock and auto-destroy timers
- ✓ Zero plaintext on server at any point
✗ Never Happens
- ✗ No plaintext message stored on server
- ✗ No encryption keys stored server-side
- ✗ No image analysis or content scanning
- ✗ No sender-recipient metadata linking
- ✗ No server-side backups of burned payloads
- ✗ No third-party access to steganographic tokens
- ✗ No recovery after burn