Vizava.pro | Documentation

Manifesto

The architecture of privacy in a surveillance state.

Vizava is not just a tool; it is a defensive countermeasure. In an era where metadata is weaponized and digital footprints are permanent, Vizava provides a client-side first environment for data obfuscation and ephemeral communication.

Our core philosophy is simple: We cannot lose what we do not have. We design our systems to know as little about you as possible, pushing the heavy lifting of encryption and processing to your local device before data ever touches the network.

The Artifacts

The Artifacts engine is a browser-based image processor designed to strip identifying data and disrupt automated image recognition systems (facial recognition, reverse image search).

Automatic Sanitization:

Metadata scrubbing is mandatory and automatic. The moment an image is loaded into the Artifacts engine, all EXIF, GPS, and device fingerprint data is permanently stripped before processing begins. There is no option to disable this protection.

Technical Specifications

Processing Local (Canvas API)

Sanitization Binary Strip (EXIF/XMP)

Output PNG / JPEG / WEBP

Privacy Shield (Sanitization)

When the Privacy Shield is engaged, Vizava bypasses standard image rendering and reconstructs the image byte-by-byte. This ensures that hidden data payloads are not just hidden, but physically removed from the file structure.

Geo-Tags: Latitude, Longitude, Altitude, GPS Timestamp.
Device Fingerprints: Camera Make, Model, Lens Serial Number, Software Version.
Contextual Data: Date Taken, Light Source, Metering Mode.

The Bunker

The Bunker provides ephemeral, encrypted text storage. It uses a "Dead Drop" methodology where the decryption key is passed via the URL anchor or user input, never stored in the database.

Encryption Standards

All data is encrypted client-side before transmission using the AES-256 standard via the CryptoJS library. The server receives only the encrypted cipher string.

Encryption LogicJS

const encrypted = CryptoJS.AES.encrypt(
    message, 
    passphrase // Never sent to server
).toString();
                        

Burn Mechanisms

Vizava implements a dual-layer destruction protocol to ensure data ephemerality.

1. Instant Burn

If "Burn Immediately" is enabled by the sender, the decryption client issues a hard delete command to the server the moment the data is retrieved. This prevents replay attacks.

2. Server-Side Janitor (Failsafe)

To prevent "Zombie Data" (data read but not deleted due to network error or malice), an automated administrative process scans the database every minute. Any encrypted artifact older than 10 minutes is permanently purged from physical storage.

Security Architecture

Threat Model: Trusted Server

While client-side encryption protects content, metadata (IP address, access times) is visible to the infrastructure providers (Cloudflare & Google). Use Tor or a VPN if metadata obfuscation is required.

Rate Limiting & Abuse Prevention

To maintain service availability and prevent storage flooding, the API enforces strict rate limits on anonymous sessions via Cloudflare Edge protection.

Method Token Bucket

Limit 50 Secrets / Session

Reset On Session Terminate

API Reference

For detailed endpoint documentation, please visit the dedicated API Reference Page.