📥 About Message Backups

Why your chat history might disappear, and what you can do about it.

TL;DR: Encrypted chats are stored in your browser and will be permanently lost if you wipe your browser's site data — this is more than just clearing the cache or doing a hard refresh. If you need to wipe, export a backup first, then import it at jabber.undeadcavity.com/import before signing in. Import first, then log in — not the other way around. Restore as soon as possible to avoid losing access to messages that arrive after the wipe but before you sign back in.

🔒 Where are my messages stored?

This chat client uses OMEMO end-to-end encryption. When you receive an encrypted message, your browser decrypts it and stores the plaintext in your browser's local database (IndexedDB — part of your browser's site data, not the page cache). The server only ever sees encrypted ciphertext.

⚠️ When does history get lost?

Because the decrypted messages only exist in your browser's site data, they are permanently deleted if you clear your browser history and include cookies and site data in what you clear. The server cannot restore them — it holds encrypted copies, but those can only be decrypted by a device that already had the right session keys when the message was originally sent.

Important: If you ever need to wipe your browser data, export a backup first. Once site data is cleared, the decrypted messages are gone permanently.

🔑 What about OMEMO encryption keys?

The backup includes your OMEMO identity keys. These are the long-lived keypair that identifies your device to other users. Restoring them has two practical benefits:

Contacts will not need to re-verify your fingerprint after a restore.
New incoming messages encrypted to your device key will be decryptable immediately — your device identity is preserved, so other clients continue encrypting to the same key.

Note that OMEMO identity keys do not help decrypt old archived messages. The per-session ratchet keys used to encrypt each individual message are ephemeral and are discarded after use. The only copy of those decrypted messages is in IndexedDB — which is exactly what the message backup saves.

⚠ Do not use this backup to run two active sessions simultaneously. The backup is intended for browser wipes and computer migrations only. If you restore this backup onto a second browser or device while your original session is still active, both sessions will share the same OMEMO keypair. Because the OMEMO double ratchet advances with every message received, the two sessions' ratchet states will diverge and decryption will break on one or both sides. Only one active session should use a given keypair at a time.

📱 What about using multiple devices?

OMEMO encrypts each message separately for every device that is registered at the time it is sent. A device you add later can decrypt new messages from the point it was registered — but it cannot decrypt messages that were sent before it joined. There is no catch-up decryption. Each device maintains its own independent copy of your chat history.

💬 Do non-encrypted chats need backups?

No. If a chat is not OMEMO-encrypted, the plaintext is stored on the server and your client will re-sync it automatically on login. You only need to worry about backups for encrypted conversations.

You can tell whether a chat is encrypted by the lock icon at the bottom of the chat window: a closed green lock means the conversation is encrypted; an open lock means it is not. Encryption is enabled by default when you choose This is a trusted device at login.

👥 What about group chats?

Group chats can be OMEMO-encrypted, but only if the room is set to members-only and every member is using a client that supports OMEMO encryption. If everyone in the group is using an @undeadcavity.com account and accessing it through this web client, that condition is met.

🔄 How do backups work?

The 💾 Export Backup button (visible after you log in, below your username in the top-left) downloads two files:

converse-messages-backup.json — a full export of your messages and OMEMO identity keys, importable at the restore page
converse-messages-YYYY-MM-DD.html — a readable offline log of your chats

To restore, visit Restore Message Backup on the home page before logging in, import your JSON file, and you'll be redirected to login. Your messages and OMEMO keys will be in place when you arrive.

Compatibility note: Backup and restore has been tested with Firefox on the same OS. Restoring across different browsers or operating systems may work, but is not guaranteed. When migrating to a new computer, export a backup beforehand and restore it on the new machine before logging in for the first time.

📥 Restore a Backup ← Back to Home