Orz Chat Is Safe! (it really is)
Hi fellow Codeforces users! I am the guy who wrote the code for Orz Chat and I want to clarify how Orz Chat works and why it is safe.
Abstract
This note aims to clarify the security and privacy properties of Orz Chat (orzchat.com). We describe the basic architecture, communication model, and data handling policies. We also address and correct recent false claims that have caused some confusion in the community.
System Overview
Orz Chat is a lightweight, instant chat service that connects two users through a central server. This server is responsible for pairing users and relaying messages between them. There is no direct peer-to-peer connection between clients.
Key Characteristics
- Server-mediated communication. All messages are exchanged through the server. At no point does a user need to know (or is able to learn) the IP address of their conversation partner.
- Ephemeral message delivery. The server functions purely as a relay. It delivers messages but does not store them.
- Local-only history. For speed and simplicity, chat history is kept only on the user’s device. When a session ends, the server retains nothing.
Security Properties
The design provides the following guarantees:
- Peer IP protection. Users never see each other’s IP addresses.
- No server-side message storage. The server does not keep records of conversations.
- Local retention only. Messages exist only on the client side, giving users full control over their chat history.
- Secure transport. Connections between client and server are encrypted, ensuring that data in transit is protected.
Why the Recent Claim Was False
Recently, a blog post suggested that Orz Chat has vulnerabilities and exposes users’ IP addresses. This is simply incorrect. The architecture explicitly avoids these issues by design: messages pass only through the server, are not logged, and peers have no visibility into one another’s network details.
Commitment to Privacy
We take user privacy and security seriously. Protecting both is central to the design of Orz Chat. There are no hidden shortcuts or compromises. Our system is simple, transparent, and safe.
Conclusion
Orz Chat’s architecture (server-mediated message relay, local-only history, and secure transport) ensures that users are protected against the risks claimed in the false report.
I am writing this because some users seemed alarmed after one user of questionable origins (and questionable rating (and questionable contribution)) posted a funny blog with false claims. Please be assured: we prioritize security, we respect privacy, and we would never allow such vulnerabilities to exist.
Orz Chat is completely safe!
OK bro.. is there any bot system in orzchat? like i refreshed for 5 times and my partner was like asking me the same thing.
Well... there is a thin line between bots and users with low rating...
What about those who always say "Hey" and then "Who are you"? I don't think being a newbie means being retard as this
Hey
a retard can hold much more interesting conversation than this bot.
I asked them what the date was and they said October 4th, 2023...
LOL
there is no war in ba sing se
orz
true