GhostNote is a secure, anonymous messaging platform. Users generate single-use links to receive messages, manageable via a web dashboard or a Telegram bot interface.
The project is a monorepo built natively for the Cloudflare edge ecosystem. It consists of three independent Cloudflare Workers:
- api/: Core backend handling REST routes, database operations, and encryption. (Hono, Drizzle, D1) - View API Docs
- ghostnote-web/: Public web interface and user dashboard. (Next.js, OpenNext, Tailwind CSS)
- telegram-bot/: Stateless webhook handler for Telegram integration. (KV)
The platform implements strict access controls and data protection mechanisms:
- Message Encryption: All submitted messages are encrypted at rest using AES-GCM via the Web Crypto API.
- Link Security: Links are single-use and require a hash-verified password for submission.
- Authentication: The web dashboard relies on secure JWT authentication.
- Internal Communication: The Telegram Bot and API communicate over a private network via Cloudflare Service Bindings, protected by internal pre-shared secrets.
Requires Node.js and Wrangler.
- Install dependencies across all workspaces (
npm install). - Configure
.dev.varswith required local secrets per workspace. - Start the local development servers (
npm run dev).
Note: Docker is provided strictly for local development convenience. Production deployments remain fully Cloudflare-native.
- Provision production secrets using
npx wrangler secret put. - Apply D1 database migrations.
- Deploy each workspace using
npm run deploy.