How it works

One contract, deployed to each supported chain. Same source, same bytecode. Every commit you see in this app was emitted by one of these addresses, and the source is published on Sourcify so anyone can reproduce the bytecode and read what the contract actually does.

Note: Sepolia is a testnet, so its deployment is for testing purposes only.

When you click commit, your browser handles the heavy lifting locally. It starts by generating a keccak256 hash of your text, creating a unique fingerprint that would break if you changed even a single comma. Your wallet then signs a message containing that hash, and finally, the signature is pushed to the CommitRegistry contract. The contract verifies the signature on-chain before recording a Committed event.

The plaintext never leaves your device. Sunya operates no server, no database, and no indexers. You bring your own wallet, sign your own transactions, and handle your own gas.

The claim that your plaintext never leaves your device is something you can check yourself in under a minute, without reading any source code. Open your browser's developer tools, switch to the Network tab, and start typing into the commit box. Every character, every file drop, and every keystroke is local. Watch the list. Nothing is sent anywhere. The hash is computed in JavaScript that already ran when the page loaded, so there is no network request to make.

When you do click Commit, the only network activity you will see is your wallet talking to the chain's RPC endpoint to submit the signed transaction. That traffic carries the hash and the signature, but it does not carry your plaintext, because the plaintext was never read by anything except the hash function.

If you want to be stricter, use DevTools to block all requests to this domain after the page has loaded (Network tab, right click a request, Block request domain). The app keeps working: hashing still runs locally, the wallet still talks to the chain directly, and you have now cut Sunya out of the loop entirely for the rest of the session. There is nothing we could send or receive even if we wanted to.

Later, if the idea is contested in a dispute or a priority argument, you can reveal the original plaintext. Anyone can re-hash it themselves to confirm that the hash matches the one recorded on chain at a specific block, signed by your key. No trust in Sunya is required, and no trust in any third party is required. The chain's block timestamp is the anchor.

The Verify page on this app is one way to do that check, but it is not the only way. The contract is public and the event log is public; anyone can query it directly.

The commit remains on chain. Your signed hash is still there, still timestamped, and still verifiable as yours. But without the original bytes you can no longer reveal what was committed. A hash is a one-way function, so you cannot recover the text from it.

This is deliberate. The reason the plaintext never touches Sunya is that no server can leak what it never had. The trade-off is that the responsibility for keeping the original content lives with you. If the bytes are gone, the evidence is reduced to "this address committed some hash at this time," which is rarely enough on its own to matter in a dispute.

Back up the plaintext somewhere you trust. Multiple places is better. The commit is the part we secure; the content is the part you secure.

Sunya gives you one strong piece of evidence. You bring the rest. A credible case typically combines the commit with drafts, dated notes, related prior work, and corroborating communications. The commit anchors a specific claim to a specific point in time; the other evidence makes the claim legible and contextualizes it.

There is one behavior that matters more than any technical detail: commit first, share later. If you discuss an idea with someone before committing it, then anyone with that information can commit the same hash before you. Sunya secures what you commit the moment you commit it. It cannot retroactively protect anything you have already disclosed.

The wallet you use is your identity here. Protect its keys. If your key is compromised, someone else can commit under your identity, and your case weakens because observers can no longer distinguish your commits from the attacker's.

A commit is not a patent, a legal filing, or a finding of originality. It is not a guarantee that you had the idea first. It only proves you committed this specific hash at this specific time, signed by this specific key.

It is one piece of evidence, cryptographically anchored, that no party can forge or backdate after the fact. How much that piece matters depends on what else you bring.

There are no user accounts, no stored plaintexts, and no recovery flow. There is no "admin" who can edit the registry or reverse a commit. The contract has no owner and it is not upgradable. If it ever needs a material change, it will be redeployed as a new contract and existing commits will remain valid under the old one.

The only things Sunya operates are the smart contracts and the static files of this client. Everything else, including key custody, gas, plaintext storage, and the decision of when to reveal, is yours.