🔐

Your messages and location, encrypted on your device

TripKit encrypts group chat messages and GPS coordinates on your device before they leave it. The server stores only ciphertext — not even we can read your conversations.

What's included

  • Chat messages encrypted with AES-256-GCM before leaving your browser
  • GPS coordinates encrypted on-device — the server stores ciphertext only
  • Per-user ECDH P-256 keypair generated in the browser at first login
  • Per-trip symmetric key distributed securely to each member
  • Vault password protects your private key, using an encryption key derived via PBKDF2 (600k iterations)
  • Uses the browser's built-in Web Crypto API — zero npm crypto dependencies
  • Session cache avoids re-prompting within the same browser session

Common questions

What exactly is encrypted?

Chat message bodies and GPS coordinates (live map positions) are end-to-end encrypted. Itinerary items, expenses, and checklists are protected by authentication and row-level security, but are not currently E2EE.

Does E2EE affect the AI assistant?

Yes. When E2EE is enabled on a trip, the @tripkit AI bot is automatically disabled because the server cannot read ciphertext. You can disable E2EE per trip in Settings → Privacy if you want AI features.

What is the vault password?

Your vault password is a separate password that protects your E2EE private key. It is turned into an encryption key using PBKDF2-SHA-256 with 600,000 iterations. TripKit does not store this password; if you forget it, you will need to reset your vault (which generates a new keypair).

Can I turn off E2EE for a trip?

Yes. Trip owners can disable E2EE in Settings → Privacy & Encryption. When disabled, new messages and locations are stored in plaintext. Existing encrypted content remains decryptable by members who hold the trip key.

Ready to try it?

TripKit is free during beta. Create a trip or join an existing one in seconds.
