ONYX v1.5-beta: Emergency PIN with a full decoy environment

Released v1.5-beta of ONYX, and one of the things we added is Emergency PIN support.

A secondary PIN opens a completely separate decoy environment instead of your real account. You configure what’s in it — chats, avatars, display names — so it looks like a normal, lived-in account. There’s no visual indicator that it’s a decoy.

The use case is straightforward: situations where you’re pressured into unlocking your messenger. The Emergency PIN is kept entirely separate from your main PIN and can be changed at any time.

Happy to answer questions.

  • wardcore@lemmy.world (OP) · 6 days ago

    On mobile the key comes from the platform keychain — tied to device unlock, not the app. On desktop it’s machine-derived. The decoy PIN threat model is coercion — someone watching you unlock. If an attacker already has filesystem access, you’ve got bigger problems than the PIN.

    • CameronDev@programming.dev · 6 days ago

      Machine-derived decryption key is basically the same as unencrypted.

      Android story is better, but you effectively hold a backdoor. You can push an update that defeats the decryption without any user interaction.

      Ideally, decryption should involve the user inputting a PIN or password.
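
Added example, not part of the thread and not ONYX's code: a sketch of the PIN-derived approach the last comment asks for, where each PIN is stretched into its own environment key and the two stored slots have the same shape, so nothing on disk marks one as the decoy. The slot layout, function names, and work factor are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets

ITERATIONS = 200_000  # assumed work factor for this example


def _derive(pin: str, salt: bytes) -> bytes:
    """Stretch the user-entered PIN into a 32-byte environment key."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, ITERATIONS)


def _tag(key: bytes) -> bytes:
    """Verifier kept on disk; it says nothing about the slot's role."""
    return hmac.new(key, b"slot-verify", hashlib.sha256).digest()


def enroll(main_pin: str, emergency_pin: str) -> list:
    """Create two identically shaped slots and store them in random order."""
    if main_pin == emergency_pin:
        raise ValueError("PINs must differ")
    slots = []
    for pin in (main_pin, emergency_pin):
        salt = os.urandom(16)
        slots.append({"salt": salt, "tag": _tag(_derive(pin, salt))})
    secrets.SystemRandom().shuffle(slots)  # position must not hint at role
    return slots


def unlock(slots: list, pin: str):
    """Return the key of the environment this PIN opens, or None.

    Every slot is always tried, so timing does not show which one matched.
    """
    found = None
    for slot in slots:
        key = _derive(pin, slot["salt"])
        if hmac.compare_digest(_tag(key), slot["tag"]):
            found = key
    return found


if __name__ == "__main__":
    store = enroll("4821", "7350")  # constructed sample PINs
    print(unlock(store, "4821") != unlock(store, "7350"))
```

Stretching slows guessing but a short numeric PIN can still be enumerated offline by anyone holding the slot file, so a design like this would normally also bind the key to a hardware-backed keystore.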