Why zero logs and a burn button keep you safe

Here's the thing about most chat apps: they promise you privacy, then store every word you've ever typed in a database somewhere. We took a different approach. We don't store anything. Period.

Let's talk about what "zero logs" actually means, because a lot of services throw that phrase around and then bury the exceptions in paragraph 47 of their privacy policy.

When you chat on BurnChat, your messages go from your browser to our server and then straight to the other people in the room. That's it. They sit in the server's RAM — the same temporary memory your computer uses when you have a program open. Close the program, the memory gets recycled. There's no hard drive involved. No database. No file that someone could open later and read through your conversation.

So what happens if someone hacks the server?

This is where it gets interesting. Let's say the worst case scenario happens and someone gets into our server. What do they find? Whatever's in memory right now. Maybe a handful of active rooms. Not months of chat history. Not years of archived conversations. Just whatever's happening at this exact moment — and the second those rooms close, even that's gone.

Compare that to pretty much every other chat service. If someone breaches Slack, they get years of messages. Every DM, every channel, every deleted message (yeah, Slack keeps those too). That's exactly what happened to Disney in 2024 — hackers walked out with 44 million messages. Forty-four million. Because Slack had stored every single one.

You can't steal what doesn't exist. That's not a marketing line. That's just how it works.

The burn button isn't a gimmick

We gave every person in a room the ability to burn it. Not just the person who created it — anyone. One click, confirm, and the room is gone. Every message wiped from memory. Every user disconnected. The room ID stops existing.

Why let anyone do it? Because if you're in a conversation that needs to disappear, you shouldn't have to track down whoever made the room and ask them nicely. The whole point is speed. Something feels wrong, hit burn. Done. There's nothing left to worry about.

No logs means no logs

We turned off access logging on our web server. We turned off error logging. We turned off the system journal. The Node.js process doesn't write a single console.log for your requests. There is no log file on our server that says "user at IP address X visited room Y at time Z."

Most services log everything by default and then try to figure out what to delete later. We started from zero and didn't add anything back. The server knows what's happening right now, and it forgets everything the moment it's over.

Is that unusual? Yeah. Most developers would call it bad practice — how do you debug issues without logs? Honestly, it makes our job harder. But it makes your conversations safer, and that's the whole point of building this thing.

What you're left with

When you leave a BurnChat room — or burn it — there is no record that the room existed, no record of who was in it, no record of what was said. Not on our server, not in a backup, not in a log file. The JavaScript garbage collector reclaims the memory and it's done.

If someone showed up with a court order tomorrow asking us for your chat history, we'd have nothing to hand over. Not because we're refusing. Because there's literally nothing there.

That's what zero logs actually means.