This product was not featured by Product Hunt yet. It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).
Product upvotes vs the next 3
Waiting for data. Loading
Product comments vs the next 3
Waiting for data. Loading
Product upvote speed vs the next 3
Waiting for data. Loading
Product upvotes and comments
Waiting for data. Loading
Product vs the next 3
Loading
Occulta
Encrypted by proximity. No servers. No accounts. Ever.
Privacy is power - Collect identity keys in person. YOU own the keys. 100% trust. - State of the art encryption, at rest and in transit. - Quantum threats protection. - Transport agnostic - send encrypted data via chat, sms, email, AirDrop, etc. - No servers, no accounts, no downtime, no exposure. If a service is down, just pick another. - Encryption happens before data hits the wire. Only the intended recipient can read plaintext. - Forward Secrecy - single use ephemeral encryption keys.
The problem everyone's ignoring
Every end-to-end encrypted messenger already has strong cryptography. That's not the weak link.
The weak link is who holds the keys.
Signal holds a key directory. iMessage has Apple's identity servers. WhatsApp registers your phone number. Every one of them can be compelled — subpoena the custodian, get the graph of who talked to whom.
Occulta is built on a different premise: you collect and own every key yourself.
How it works
Install. Generate. Done. No account. No phone number. No sign-up form. Your identity is a P-256 key pair generated in the Secure Enclave on first launch — hardware-bound, never exportable, never backed up, never seen by us.
Exchange keys in person. Hold two iPhones within 25 cm. Apple's UWB chip confirms proximity. The key transfers directly between devices — no server ever relays it. This physical gate is why man-in-the-middle attacks are structurally impossible, not just mitigated.
Diceware verification. After the exchange, both phones show the same short phrase. You say it out loud to your contact. If it matches, the key is authentic. SSH-fingerprint trust — done right.
Encrypt anything for anyone in your collection. Files, photos, videos, documents. Send the encrypted bundle over iMessage, AirDrop, email, Signal, a USB drive — whatever.
Security lives in the key, not the transport. One channel goes dark, use another.
What's under the hood
Secure Enclave identity key — P-256, generated inside the SE chip. Even a compromised OS can't extract it.
AES-256-GCM encryption with a random 96-bit nonce per payload
Forward secrecy — per-message ephemeral keys via a peer-to-peer prekey protocol (no rendezvous server required)
Post-quantum protection (iOS 26+) — ML-KEM-1024 hybrid alongside classical ECDH. Harvest-now-decrypt-later isn't a future problem you can patch later.
Apple frameworks only — CryptoKit, Security.framework, NearbyInteraction, MultipeerConnectivity. Zero third-party crypto. Zero supply-chain risk.
No backend. Anywhere. There's nothing to subpoena.
Honest limits (because you should know)
iOS only — the Secure Enclave and UWB hardware combination isn't available elsewhere
Doesn't hide transport metadata — an .occ file sent over iMessage still tells Apple two endpoints exchanged something
Can't defend against endpoint compromise (Pegasus-style). No messenger on earth can.
Keys are device-local by design — lose the phone, lose the contact collection
Open source — Apache 2.0
The protocol is documented. The code is on GitHub. Trust shouldn't require faith.
App Store: https://apps.apple.com/us/app/oc...
GitHub: https://github.com/aibo-cora/occ...
About Occulta on Product Hunt
“Encrypted by proximity. No servers. No accounts. Ever.”
Occulta was submitted on Product Hunt and earned 4 upvotes and 1 comments, placing #116 on the daily leaderboard. Privacy is power - Collect identity keys in person. YOU own the keys. 100% trust. - State of the art encryption, at rest and in transit. - Quantum threats protection. - Transport agnostic - send encrypted data via chat, sms, email, AirDrop, etc. - No servers, no accounts, no downtime, no exposure. If a service is down, just pick another. - Encryption happens before data hits the wire. Only the intended recipient can read plaintext. - Forward Secrecy - single use ephemeral encryption keys.
On the analytics side, Occulta competes within Open Source, Privacy, GitHub and Security — topics that collectively have 123.2k followers on Product Hunt. The dashboard above tracks how Occulta performed against the three products that launched closest to it on the same day.
Who hunted Occulta?
Occulta was hunted by Iurie Filatov. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.
For a complete overview of Occulta including community comment highlights and product details, visit the product overview.
Iurie Filatov