Trust & Privacy
Last updated: 2026-05.
MINAWA is a small, voice-first social product in active beta. We don't want to mislead you about what we protect today versus what is still on the roadmap. Here is the truth.
1. Direct messages are stored in plaintext on our server.
We do not yet do end-to-end encryption. Anyone with server access — including MINAWA staff with database access — could in principle read your DMs. For anything sensitive, use a real E2EE app (Signal, Telegram secret chats, Wire) instead. We're honest about this so you can make an informed choice.
2. Voice posts are public by design. Voice DMs are gated.
When you publish a voice post publicly, the audio file is reachable by anyone who has the URL; that's how share-by-link, embed previews, and signed-out listening work. When you send a voice DM, we check at serve time that the listener is a participant of the conversation; non-participants get a 403. Non-DM audio (your profile's voice intro, your replies on a public post) follows the public rule.
3. Voice calls are encrypted between you and the other person. Call metadata is not.
Live call audio uses WebRTC's built-in SRTP encryption and our TURN relay cannot decrypt it — we hear nothing. But we do see signaling metadata: who called whom, when, codec choices, and IP candidates passed during call setup. This is logged on our server in plaintext for the duration of the call.
4. Account data and the database itself are not encrypted at rest.
The Postgres database, your handle, your name, your avatar, your bio, your follow graph, your call/DM history — all sit on an unencrypted disk on a single VPS during this beta. A server compromise would expose all of this. We do not accept payments and do not collect highly sensitive personal data for that reason. We'll move to disk-encrypted infra before public launch.
5. You can delete your account immediately.
From /delete-account, confirm with your password and your account is removed in a single transaction: voice posts, replies, follows, likes, bookmarks, calls, DMs, and notifications all cascade-delete. Conversations you participated in survive for the OTHER participant's view (we don't silently rewrite their history). Audio files on disk become orphaned and are pruned on a separate sweep. If you forget your password, use the manual request form on the same page; requests are processed within 48 hours.
In transit
- HTTPS (TLS) on every page and API endpoint.
- WSS (WebSocket Secure) for real-time call signaling.
- TURNS (TLS) available for media relay when UDP is blocked.
At rest
- Passwords: bcrypt with 12 salt rounds. Never logged, never returned.
- DM contents, post topics, profile data: plaintext in Postgres.
- Voice files: stored on the server's filesystem; private DM audio gated by participation check at serve time.
- Disk encryption: not enabled in beta.
What appears publicly
- Your handle, name, bio, avatar, banner.
- Your public voice posts and replies, including the audio URL (link-shareable).
- Your follower / following counts.
What stays private (server-side, not E2EE)
- Direct message contents and voice DM audio (gated to conversation participants).
- Your blocked-user list.
- Your reports.
- Your email (if you provided one for delete confirmations).
Block, report, ban
- Blocking hides past and future DMs from that person in your inbox. The other person still sees their copy of your past messages.
- Blocked users do not appear in your search results, suggested users, or feed.
- Reporting an account or post adds it to a moderation queue. We review manually during beta.
- Banned users can no longer sign in; their public posts are filtered from organic surfaces.
Roadmap
- End-to-end encryption for DMs (Signal-protocol style, with device-managed keys).
- Disk-level encryption on the database host.
- Signed short-lived URLs for public audio playback (so leaked links can be revoked).
- Self-serve audio file pruning when posts are deleted.
- Per-message read receipts and online presence — only if we can do them honestly.
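The signed short-lived URL item above can be sketched as follows. This is an added example, not MINAWA's code: the `exp`/`kid`/`sig` query parameters, the HMAC-SHA256 construction, the key names and the sample path are all assumptions. Links die at expiry, and removing a key from the key set revokes every link it signed.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed demo keys (assumption); a real deployment loads these from a secret store.
KEYS = {"k1": b"constructed-demo-key-1", "k2": b"constructed-demo-key-2"}
ACTIVE_KID = "k2"


def _mac(kid, path, exp):
    # Bind key id, path and expiry together so none can be swapped independently.
    msg = f"{kid}\n{path}\n{exp}".encode()
    return hmac.new(KEYS[kid], msg, hashlib.sha256).hexdigest()


def sign_url(path, ttl_seconds, now=None):
    """Return path?exp=...&kid=...&sig=... valid for ttl_seconds."""
    issued = int(now if now is not None else time.time())
    exp = issued + ttl_seconds
    query = urlencode({"exp": exp, "kid": ACTIVE_KID,
                       "sig": _mac(ACTIVE_KID, path, exp)})
    return f"{path}?{query}"


def verify_url(url, now=None):
    """True only for an untampered, unexpired link signed with a key still in KEYS."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    try:
        exp = int(params["exp"][0])
        kid = params["kid"][0]
        sig = params["sig"][0]
    except (KeyError, ValueError):
        return False  # missing or malformed parameters: fail closed
    if kid not in KEYS:
        return False  # key rotated out, so every link it signed is revoked
    if (now if now is not None else time.time()) >= exp:
        return False  # link has expired
    expected = _mac(kid, parts.path, exp)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    return hmac.compare_digest(sig.encode(), expected.encode())
```

The audio route would call `verify_url` on the full request path and query before reading the file, and answer 403 on `False`.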
Questions or concerns? Email support@minawa.fun. We will not lie to you about what is and is not protected.
