Changelog

Transparency on platform updates.

CLI Quick Guide Full wiki on GitHub
Commands
  • Send a secret: itylos send "my secret" (quotes are needed if the text contains spaces, otherwise itylos send MySecret)
  • Send a file: itylos send -f document.pdf (max 8 MB)
  • Choose duration: add -d 24h or -d 7j (default: 1h)
  • Protect with password: add -p at the end (the CLI asks for the password)
  • Combine everything: itylos send -f contract.pdf -d 7j -p
  • Read a secret: itylos read followed by the link received from the sender
  • Verify a proof: itylos verify followed by the Proof ID received from the recipient
  • Update: itylos update
Tips
  • When using -p, send the link through one channel (email) and the password through another (text message). The password is hidden when you type it, that's normal.
  • After reading, the CLI shows a Proof ID. Send it to the sender so they can verify the secret was properly destroyed.
CLI v2.0.4 April 2, 2026
New
  • Verify by Proof ID: itylos verify <proof_id> fetches the proof directly from the server. No JSON file needed.
  • Proof ID shown on read: when a recipient reads a secret, the CLI displays the Proof ID and the command to copy so the sender can verify destruction.
  • Bilingual help FR/EN: all commands, arguments and examples are documented in French and English.
Fixed
  • Ed25519 proof verification: proofs were systematically rejected because the CLI sorted JSON keys before verification, while the server signs in PHP insertion order.
  • Base64url salt validation: the CLI rejected password-protected capsules because validation expected standard base64 instead of base64url.
CLI v2.0.3 April 2, 2026
New
  • Password protection: capsules can now be encrypted with an additional password layer. Usage: itylos send "secret" -p. PBKDF2-HMAC-SHA256 derivation (300,000 iterations), compatible with the web frontend.
  • Interactive prompt: the CLI asks for the password with confirmation on send, and automatically prompts on read if the capsule is password-protected.
  • Available on crates.io: install via cargo install itylos-cli.
Security
  • Dual-layer encryption: with a password, the final AES key is derived from SHA-256(url_key || PBKDF2(password, salt)). Even with the link, the secret remains inaccessible without the password.
CLI v2.0.2 April 2, 2026
Fixed
  • Readable error messages: fixed a bug where server errors (429 rate limit, 404 not found, 410 expired) displayed "reponse fetch invalide" instead of the actual message. The CLI now checks the HTTP status code before deserializing the response.
v2.1.0 March 30, 2026
Security
  • Protection against simultaneous openings: a capsule can no longer be read by two people at the same time. The first reader locks the capsule.
  • Strengthened cache policy: sensitive pages are never retained by the browser or network intermediaries. Content pages benefit from optimized caching.
  • Abuse protection extended across all service access points.
  • Full compliance of security headers on all access points.
New
  • Pricing page: complete presentation of Free, Supporter and Pro plans with manifesto, comparison table, pricing principles, roadmap and FAQ.
  • Expiration proof: capsules that expired without being opened now have a distinct signed proof, visually identifiable in yellow. The JSON proof explicitly states that the capsule was destroyed by expiration and was never opened by the recipient.
  • Visual alert in local vault: links containing the decryption key are flagged in red with a key icon to alert the user.
  • Improved automatic purge: expired capsules are destroyed with signed proof generation and audit registry entry.
  • Changelog page: this page, for update transparency.
  • Changelog button in the Trust section of the footer.
  • ITYLOS CLI v2.0.1: the command-line client has been entirely rewritten in Rust. Open source on GitHub.
Improved
  • Local vault: unified display of proof buttons and status badges. All elements are aligned and consistently sized.
  • Performance: reduced loading times on content pages through browser caching and conditional responses.
  • Installable app: improved offline behavior, the creation page is no longer precached to respect the Zero-Knowledge principle.
Fixed
  • Fixed local vault display in the French version (the table and empty state message were not showing).
  • Fixed proof access for expired capsules (the proof button was missing).
v2.0.0 March 25, 2026
New
  • Complete interface redesign: 32 pages entirely rebuilt in French and English. Desktop navigation with horizontal dock and mobile navigation with floating pill capsule.
  • New visual identity: animated constellation background, self-hosted sovereign font (no external CDN dependency), dark and light mode with instant switching.
  • Redesigned footer: social links (LinkedIn, X), trust section, "BURN AFTER READING" copyright, back to top button.
  • Encrypted file attachments: send documents, images, audio and video protected locally before transmission.
  • Signed destruction proof: each destroyed capsule generates a certificate verifiable independently.
  • Public audit registry: cryptographic journal viewable and exportable for operational transparency.
  • Local vault: capsule history in the browser, on explicit user choice only.
  • The Forge: robust password and secret generator, entirely client-side.
  • CLI client presentation: open source command-line tool for experts and sysadmins.
  • Developers page: API documentation and waitlist for integrations.
  • Manifesto: project philosophy and commitment to the right to digital oblivion.
  • Warrant Canary: public declaration of infrastructure integrity.
  • Security policy: responsible disclosure program for cybersecurity researchers.
  • Technical architecture: encryption protocol and threat model documentation.
  • Local verification: forensic tool to verify cryptographic proofs without network connection.
  • Installable app: ITYLOS can be installed on mobile as a native application.
  • Complete SEO markup: structured data, social preview, multilingual links, corrected heading hierarchy across all pages.
Security
  • Strengthened local encryption: data is protected in the browser before any transmission to the server.
  • Secure transport: mandatory HTTPS connection with strict policy.
  • Zero-Knowledge: the decryption key stays in the user's browser and never transits to the server.
  • Physical destruction: capsules are irreversibly deleted after reading.
  • Strict compliance: content security policy with no exceptions, no unauthorized scripts or styles.
  • Privacy protection: no IP address stored in clear, no tracking cookies, no telemetry.
  • Sovereign hosting: infrastructure in Switzerland (Geneva), LPD/FADP jurisdiction.
Fixed
  • Fixed dark/light toggle on Microsoft Edge and Chromium-based browsers.
  • Fixed drag and drop on the verification page in English version.
  • Fixed FAQ sections display across all pages.
  • Fixed social preview (image format and ratio corrected).
  • 50+ translation corrections in English pages.
v1.0.0 January 2026
Security
  • Server-side encryption for this first iteration.
  • Automatic destruction of data after the first reading.
  • Forced expiration of unread links after 24 hours.
  • Zero storage of personally identifiable metadata.
New
  • Digital Silence: launch of the first stable version (MVP) designed to validate the trust model and ephemeral sharing ergonomics.
  • Ultra-simplified creation interface: one field, one button.
  • Unique and random links for each share.
  • Clean reading page for the final recipient.
  • Visual validity counter for the sender.
Improved
  • Full optimization for Infomaniak shared hosting.
  • Lightweight architecture for fast execution without dependencies.
  • Mobile-first interface ensuring smooth usage on smartphones.
v0.9.0 Late 2025
Beta
  • Experimental phase: validating the concept "One link, One secret, One read, One destruction".
  • Sensitive secret transmission: codes, tokens, passwords.
  • Access management via temporary session identifiers.
  • Interface prototypes without visual frills to prioritize function.
Objective
  • Validate the use of digital silence and the mental model of the ephemeral.
  • Test the resilience of automatic database cleanup scripts.
  • Define the foundations of the modular architecture for future evolutions.
Fixed
  • Fixed truncation issues when sending long texts.
  • Adjusted handling of special characters in encrypted secrets.
  • Stabilized database connection during request spikes.