Your conversations. Your keys. No one else's business.

---

🔐 What is LowkeyDM? LowkeyDM is a browser extension that wraps your Instagram Direct Messages in end-to-end encryption — right in your browser, before anything touches Instagram's servers. Set a shared secret password with your chat partner. Anyone else who intercepts your message? They see gibberish. Only you two hold the key. No servers. No accounts. No data collection. Just math.

┌─────────────────────────────────┐ │ MESSAGE FLOW │ │ │ │ You type: "meet at 9pm" │ │ ↓ │ │ 🔒 Encrypt with shared key │ │ ↓ │ │ Sent: "🔒ENC:x9Kp2mL..." │ │ ↓ │ │ Partner decrypts with key │ │ ↓ │ │ They read: "meet at 9pm" │ └─────────────────────────────────┘

---

✦ Features

🛡️ P2P Encryption Messages are encrypted locally in your browser before being sent. Instagram never sees the plaintext.

🗝️ Shared Secrets Only people with the exact same password can decrypt and read your messages. Zero trust required.

🧩 Seamless Integration Lock and unlock icons are injected directly into Instagram's web UI — no tab switching, no friction.

---

🛠️ How to Use

Step 1 — Set Your Password

Click the LowkeyDM icon in your browser toolbar and enter a Secret Password.

⚠️ Your chat partner must use the exact same password. Share it out-of-band (in person, via a phone call, etc.) for best security.

Step 2 — Encrypt & Send

1. Open a conversation on instagram.com
2. A 🔒 lock icon will appear next to the message input box
3. Type your message and click the lock icon
4. Your message transforms into an encrypted string → 🔒ENC:abc123...
5. Hit Enter to send as usual

Step 3 — Decrypt Received Messages

1. When you receive a message starting with 🔒ENC: — it's encrypted
2. A decrypt icon appears inside the message bubble
3. Click it to reveal the decrypted message in a secure overlay
4. Only visible to you, only for that session

---

📥 Installation

🖥️ Desktop Browsers

Chrome · Brave · Edge	Mozilla Firefox
Download this repo as a ZIP and extract it Navigate to chrome://extensions/ Toggle on Developer Mode (top right) Click Load unpacked Select the extracted folder	Download this repo and extract it Navigate to about:debugging#/runtime/this-firefox Click Load Temporary Add-on... Select the manifest.json from the project folder

📱 Android — Mozilla Firefox

Firefox for Android supports extensions. Here's how to sideload LowkeyDM:

1. Download the extension files to your Android device
2. Open Firefox → Settings → About Firefox
3. Tap the Firefox logo 5× rapidly  ← unlocks hidden dev menu
4. Return to Settings → "Install Extension from File"
5. Select the extension file → Done ✓

---

🏪 Get It from the Store

Chrome Web Store listing — coming soon

---

🔬 Security Model

Encryption Algorithm:  AES-GCM (256-bit)
Key Derivation:        PBKDF2 with SHA-256
Salt:                  Randomly generated per session
Ciphertext Format:     🔒ENC:<base64-encoded-payload>
Data Sent to Servers:  None (all crypto happens client-side)

Your password never leaves your device. LowkeyDM uses the browser's native Web Crypto API — no third-party crypto libraries, no hidden dependencies.

---

🤝 Contributing

Contributions, issues, and feature requests are welcome!

1. Fork the repository
2. Create your feature branch: git checkout -b feat/your-feature
3. Commit your changes: git commit -m 'Add your feature'
4. Push to the branch: git push origin feat/your-feature
5. Open a Pull Request

---

📄 License

This project is licensed under the MIT License — see the LICENSE file for details.

---

LowkeyDM — because some conversations should stay between you and them.