End-to-end encryption you can verify — because trust shouldn't require blind faith.
The Contastic server is intentionally blind to your private data.
Private contact fields are encrypted on your device with the recipient's RSA public key before upload. The server stores only the resulting ciphertext.
Your RSA private key is generated locally and never transmitted in plaintext. An encrypted backup is optionally stored on the server — but only you can decrypt it.
What the server holds: your email address, public RSA key, public contact fields (FN, EMAIL, etc. marked public), subscription relationships, and encrypted blobs. Nothing else.
Standard algorithms, no proprietary crypto.
On registration, a 2048-bit RSA key pair is generated locally using the Web Crypto API (browser) or Android's KeyPairGenerator. Public exponent: 65537.
Each private data value is independently encrypted with the recipient's RSA public key. The OAEP mask generation function, MGF1, uses SHA-256 on both platforms so that Android and Web Crypto ciphertexts interoperate.
Private key backups are encrypted with AES-256-GCM. The AES key is derived from your password using PBKDF2 (100,000 iterations, SHA-256, 16-byte salt).
Passwords are hashed with argon2id server-side. Legacy bcrypt hashes are transparently upgraded to argon2id on the next successful login.
Defense-in-depth for the backend API.
Login (5/min), register (3/hr), search (30/min), and subscription endpoints are rate-limited in production to prevent brute-force and abuse.
Any IP that probes non-API paths (e.g. /.env, /wp-admin) is automatically banned for 24 hours after two probes.
CORS: only explicitly allowlisted origins are permitted; there is no wildcard policy.
Request bodies are limited to 1 MB by default, with a 10 MB override for key backup uploads, to prevent memory exhaustion attacks.
Login performs a dummy hash comparison for non-existent users to prevent timing-based account enumeration.
The Docker container runs as a dedicated non-root appuser to limit the blast radius of any exploit.
You don't have to take our word for it.
All three components — server, web client, and Android app — are open source on GitHub. Audit the code, run your own instance, and contribute improvements.
View on GitHub