Introduction

By the end of this page you'll know what the OTP gadget is, why you might want one rather than relying on your phone, and the rough idea of how it works.

What is the OTP gadget

A small handheld device that encrypts your messages so strongly that you can send the scrambled result over any channel — including your phone — and no one in the middle can read it.

You build (or buy) two of them. The first time you set them up, you swap a MicroSD card between the two devices to share a one-time pad. From then on, the devices themselves never touch a network. You type a message on one, it shows up as a QR code on the screen; the other device's camera scans it and the message appears. If scanning isn't possible, the same data can be typed in by hand as hex. How the QR code or hex gets from one device to the other — phone photo, screenshot in a chat app, paper, postcard — is up to you, because what's on the screen is just noise without the pad.

The components sit inside a 3D-printed case, wired together — there's no custom PCB.

The whole project is open source - firmware, protocol, parts list, assembly notes, slicer settings, and the printable case files all live in the public repo. The project is funded by donations and (once demand justifies it) by sales of fully-compliant built units.

Why not just use a phone

Most encrypted messaging today runs on phones. Even the better apps — Signal, iMessage, WhatsApp — still depend on:

  • a phone with a radio that's always reachable
  • an operating system you don't control
  • third-party app servers that handle delivery
  • the cloud, somewhere, for backup and contact sync

Any one of those is a foothold for someone who wants to read your messages. Compromise the OS, install spyware, subpoena the servers, swap your SIM, lean on the cloud provider — and the strong crypto inside the app stops mattering, because the plaintext and the keys are sitting on a device the attacker now controls.

The OTP gadget takes the plaintext and the keys off the phone entirely. The gadget has no radio, no app store, no server, no account, no cloud — and crucially, your phone (or any other transport you use to move the QR code) never sees the message or the pad. It only sees the scrambled output, which is mathematically unbreakable without the pad. So even a fully hostile pipe — a tapped network, a backdoored chat app, a spying ISP — carries nothing useful.

That trade is the whole point: you give up convenience (you have to get a MicroSD card to the other person once, somehow) in return for a system where the parts that touch the network are deliberately holding nothing worth stealing.

How it works

The whole system is two devices and two MicroSD cards — one per device.

During setup, each device generates a long sequence of random data. One card is moved between the two devices (usually in person, but anything that gets a MicroSD card from one person to the other works — mail, a courier, leaving it in a dead drop) so the two sequences can be combined into a shared one-time pad; the pad is then split between the devices so each device's send-bytes match the other's receive-bytes. After this one-time setup, the cards stay with their devices, and the devices never need to meet again.

When you send a message, the device scrambles the text using the next unused part of the pad, and shows the scrambled message as a QR code. The other device scans it (or you type its hex by hand) and uses the same part of the pad to unscramble it. Each piece of the pad is used exactly once and then discarded.

As long as the pad bytes were truly random and never reused, the scrambled message is mathematically impossible to read without the pad — no clever attack, no future computer, no quantum machine breaks it. This is the only encryption with that property.

For the details — exact algorithms, the wire format, how the SD card is laid out, how the device handles errors — see How it works (deep dive).

Threat model

Worth being honest about. The gadget is strong against a specific set of threats and weak against others.

It does protect against:

  • Anyone listening in on the network or the airwaves. There's no network and no radio.
  • Anyone who compromises a server you'd normally use to send messages. There's no server.
  • Anyone who intercepts the scrambled message itself. Without the pad, it looks like random noise.

It does not protect against:

  • Someone who physically takes your device and knows your PIN. The card is encrypted at rest, but it's unlocked while you're using the device.
  • Someone reading your screen over your shoulder, or photographing it.
  • A device that's been tampered with — bad firmware, a hostile build, anyone with physical access before you got it.
  • Reusing the same piece of the pad twice. The device tries hard to prevent this, but restoring an old backup of the SD card can do it. Reusing pad bytes destroys the security.
  • The fact that you and another person are exchanging messages at all. The contents are private, but the existence of the exchange isn't.

If those caveats are deal-breakers for you, that's worth knowing now rather than after you've built one.

Next: Getting started — whether this build is right for you, what skills and tools you'll need, what it costs.

Ask a question

Missing something?

Send a question about this page. Useful questions may become FAQ or troubleshooting entries later.

Pinned to 0e7c8e4 · 2026-06-02