Encrypted Photo Proof
Client-side encryption for proof photos
Proof photos for tasks, rituals, and consequences are encrypted on your device before upload. The server stores ciphertext only, not readable without your paired keys. Viewing uses a key exchange between partners; photos are designed for limited retention after viewing, reducing long-term exposure. Available with Premium (any partner unlocks it), on by default, with no separate opt-in.
Intimate proof photos are high-risk data. Secure media exists so couples who want verification can use cryptography to keep plaintext off the server — a different bar than typical cloud photo sync.

Capabilities
Encrypt before upload
Plaintext stays on-device; only encrypted data is sent to storage.
Paired dynamic keys
Key material is scoped to your relationship so proofs are not exposed as normal gallery uploads.
Proof contexts
Secure proof attaches to task completion, ritual completion, and consequence verification flows.
On by default
Available with Premium when any partner unlocks it. On by default, with no separate opt-in toggle to manage.
Role Perspectives
For Dominants
Review proof without the app storing decryptable images at rest.
- Receive verifiable proof through an encrypted channel
- Consistent with high-trust, high-sensitivity content
For Submissives
Submit proof knowing ciphertext leaves your phone, not raw photos.
- Complete assigned proof flows with stronger privacy than standard uploads
- Ciphertext leaves your phone, never raw photos
Use Cases
Task completion with photo verification under secure media
Ritual or consequence proof where both partners want encryption
