Start a room and share the link, or join a friend's room. Calls and messages are direct between you two — nothing is stored.
An honest explanation. Read this before trusting it with anything sensitive.
StelCom is peer to peer: your phone talks directly to your friend's phone. To find each other, the two phones first swap "addresses" through a small signaling server, then connect directly. Voice and text flow between just the two of you.
AES-256 with PBKDF2. When you encrypt files, they're locked with AES-256 — the same standard governments and banks use. The password is stretched through 150,000 hashing rounds, so every guess is slow.
Generated keys match a Bitcoin private key. Generate creates a real 256-bit key shown as 64 hex characters — the same length and strength as a BTC private key. You can also paste a key in BTC format (raw hex or WIF) and the app confirms it's valid.
⚠ Never use a real wallet's private key. Do not paste the private key of a Bitcoin wallet that holds funds. If a file leaks, so does the key — and your coins with it. Use this app's Generate, or a fresh key from your own generator that is not tied to any wallet. The BTC format is only used here as a strong 256-bit secret, never to touch real funds.
Generated passwords are uncrackable by brute force. A 256-bit key would take a supercomputer guessing a billion times per second far longer than the age of the universe to break. AES-256 itself has never been broken.
The weak points are human, not the math: a short custom password, or sending the password in the same channel as the file. Use Generate (or long random words), and share the password separately.
Self-extracting. Encrypted files become a self-opening .html that works in any browser, offline, with no app — so anyone can open them anywhere.
Encrypted by default. WebRTC encrypts voice and text between the two phones automatically. The relay can't read or hear your conversation.
Nothing is stored. No accounts, no servers keeping your chats. Close the page and the conversation is gone.
Optional file encryption. Bundle and lock files with AES-256 to save, share, or send.
Not unblockable. The page, signaling server, and relay all live at fixed addresses. A national firewall (e.g. China, Iran) can block them. No web page can fully beat a state firewall — even Signal and WhatsApp get blocked.
Not untraceable. Peer-to-peer calls reveal both phones' IP addresses to each other and the relay. An observer can see that you connected, when, and often from where — even though they can't read the content. This "metadata" is what surveillance relies on.
💡 Want to hide your IP? Run StelCom behind a VPN or inside the Tor Browser — that masks your real address from the relay and your friend. Caveat: for voice calls, WebRTC can still leak your true IP even through Tor, so for chat-only it helps more than for calls. For anything truly high-stakes, use Signal.
Not anonymous. Encryption hides the message, not the fact you communicated.
Not always-on. It lives in the browser tab — there's no background app. Close the tab, lock the phone, or switch away and the connection can drop. Keep the tab open during a call.
StelCom is good for private friend-to-friend calls and chat without Big Tech storing anything. It is not a tool to evade a government firewall or hide that you're talking. Use it for what it is.
Every app here keeps your message content private (encrypted). The real difference is the metadata — who you talk to, when, how often, your number, your contacts. That's the "envelope," not the letter — and it still reveals a lot.
| Viber | Signal | StelCom | ||
|---|---|---|---|---|
| Messages & calls encrypted | ✓ | ✓ | ✓ | ✓ |
| Encryption strength (text & voice) | AES-256 🥈 | AES-256 🥉 | AES-256 🥇 | AES-256 🥈 |
| Needs your phone number | Yes | Yes | Yes* | No |
| Uploads your contacts | Yes | Yes | No | No |
| Stores who-talks-to-whom | Yes (Meta) | Yes | Almost none | Relay sees IPs |
| Keeps message history | Yes | Yes | On device | Nothing stored |
| Ads / data business | Yes (Meta) | Yes | No (non-profit) | No |
| Independently audited | Protocol only | No | Yes (open source) | No |
| Works with no install | No | No | No | Yes (web link) |
| Always-on (background) | Yes | Yes | Yes | No (tab open) |
| 🔐 Privacy score | 1.5/8 | 1/8 | 6/8 | 6.5/8 |
*Signal can use a username to hide your number. Encryption strength (text & voice): all four encrypt both messages and calls with AES-256 — it's never been broken, so the raw cipher is a tie. (StelCom uses WebRTC's DTLS-SRTP for calls & chat; the encrypted-ZIP feature adds its own AES-256.) The 🥇🥈🥉 medals rank trust: Signal is open-source & audited (provable), WhatsApp uses the identical Signal Protocol but is closed-source, StelCom is open to read but unaudited, Viber's is custom & closed. The privacy score counts privacy wins only — not features, reach, or reliability, where WhatsApp & Viber lead. Sources: independent 2026 privacy reviews.
The actual math is strong across all of them — the differences are in who runs it and what's open, not the cipher strength.
In short: the algorithms (AES-256, Curve25519) are the same gold standard nearly everywhere. Open-source + audited (Signal) is what lets outsiders prove it's done right.
Signal — the privacy gold standard. Open-source, audited, almost no metadata, a non-profit with no ad business. Best for sensitive or high-stakes conversations. Downside: fewer of your friends use it.
WhatsApp — encrypted messages, but owned by Meta. It collects heavy metadata (your number, contacts, who you talk to, when) and feeds it to Meta's ad machine. Best for: everyone already has it. Downside: biggest data footprint.
Viber — encrypted chats, but uploads your contacts, collects metadata and your IP/location, and shows ads. Popular in Europe & Asia. Similar privacy trade-offs to WhatsApp.
StelCom — no app, no account, no phone number, nothing stored. Great for a quick private call/chat from a link. Downside: it's not audited, not always-on (lives in the browser tab), and the relay can see the two IP addresses. Not for high-stakes use.
For anything sensitive or risky, use Signal. For everyday reach, WhatsApp or Viber is where your friends are. Use StelCom for a fast, throwaway, private line when you just want to talk to one friend with nothing saved and nothing to install.
Live calls & chat — peer to peer
StelCom is a simple way for two friends to talk and text live, straight from a web link — no app to install, no account to make, no sign-up.
One person starts a room and shares the link. The other opens it. That's it — you're connected, phone to phone. Your voice and messages travel directly between the two of you.
📞 Voice calls with mute, volume and a live connection monitor.
💬 Text chat with delivery & read ticks, just like the apps you know.
📤 Share a room link so anyone you trust can join you.
Nothing is stored. No accounts, no history, no servers keeping your conversations. Close the page and it's gone.
Direct & private. Calls and messages are encrypted between the two phones automatically.
It works best when the two of you are on different networks (your normal everyday situation). For a full breakdown of privacy and limits, see the 🔒 Privacy page.
StelCom
Easy step-by-step guide
1. Tap Generate to make a room code, then Start / Join room.
2. Tap 📤 Send room link and send it to your friend (WhatsApp, SMS, email — anything).
3. When they open the link, you're connected. Start chatting or tap 📞 to call.
On the first screen, tap Generate for a random room code (or type your own). Then tap Start / Join room.
You'll see "Waiting for friend" — that's normal. You're in the room, waiting for the other person to join.
Tap 📤 Send room link — your phone's share sheet opens. Pick any app to send the link.
Or tap the ⧉ copy button next to the room name to copy the full link, then paste it wherever you like. The bar flashes green when copied.
Your friend just opens the link — no app, no sign-up. They join instantly.
Type in the message box and tap ➤ (or press Enter). Each message shows a traffic-light status — red → yellow → green:
Photos & files show the same status — if it stays on Sent and never reaches Delivered, it didn't fully arrive; send it again.
Once your friend has joined, tap the green 📞 button in the top bar. They'll hear it ring.
During a call you can mute your mic and adjust volume. Tap the red 📵 to hang up. To cancel before they answer, just tap 📵 again.
Tap the 📎 clip button to send:
📷 Photo — pick an image, it sends compressed.
📎 File — any file up to 8 MB.
📍 Location — shares your current GPS spot as a map.
🔒 Encrypted ZIP — bundle & lock files (see below).
You can prepare attachments even before your friend joins — they'll send automatically once connected.
Tap 📎 → Encrypted ZIP, choose files, and tick 🔒 Encrypt.
Tap 🎲 Generate BTC key for an uncrackable 256-bit password (or type your own). 📋 Copy it — you'll need to give it to your friend separately.
Then Save, Share, or Send the file. It becomes a self-opening .html file: your friend opens it in any browser, types the password, and gets the files — no app needed.
⚠ Send the password by a different channel than the file (e.g. tell them in person or another app).
StelCom runs inside your browser — there's no background app.
📵 The call and chat stay live ONLY while this tab is open and on screen.
If you close the tab, lock your phone, or switch to another app, the connection drops. Keep StelCom open and in front during a call. To reconnect, reopen the same room link.
Make sure you're on different networks. It connects most easily when you and your friend are each on your own network (e.g. you on WiFi, them on mobile data).
If it gets stuck, tap ↻ Reconnect, or both leave and rejoin the room with the same link.
Both phones must allow microphone (for calls) and location (for sharing location) when asked.
Tap ← Leave room when you're done. Nothing is saved — close the page and the whole conversation is gone.
Watch it step by step
It moves on its own — or tap Next when you're ready.