Built on trust

Security you can feel,
not just trust.

Real privacy shouldn’t require a leap of faith. Here’s exactly how LMN8 keeps your data yours — in plain language, no asterisks.

Permanent deletion

Zero overwrites the real bytes of a file across the whole drive, using methods that meet recognised data-sanitisation standards. When it’s gone, it’s gone — and you get a record to prove it.

Layered encryption

Encrypt protects files in place with well-established, peer-reviewed ciphers. Stack several together for your most sensitive vaults, and keep the keys on your device alone.

Private by design

SOS shares your location peer-to-peer and end-to-end. Nothing passes through a server that can read it, and nothing is ever kept once a share ends.

Our commitments

Six promises we
design around.

These aren’t marketing lines. They’re constraints we hold ourselves to in every release.

Your keys never leave your device

Encryption keys are derived and stored locally. We can’t read your data — not for support, not for anyone.

Zero retention by default

We keep nothing we don’t absolutely need. No location history, no shadow copies, no quiet backups.

No telemetry

No tracking, no analytics following you around the app. We genuinely can’t tell you what you stored.

Independently reviewed

Our security is assessed by outside specialists, and we publish what we can so you don’t have to take our word for it.

Built in Rust

Our core is written in a memory-safe language, closing off whole classes of common vulnerabilities by design.

One-click account deletion

Leaving is as easy as joining. Delete your account and associated data in minutes, no support ticket needed.

Under the hood

What “deleted” really means at LMN8.

We don’t rely on scrubbing bytes and hoping. We seal the file with a one-time key, then destroy that key — so your data becomes mathematically irrecoverable before a single overwrite pass even begins. Everything after is defense in depth.

1
Encrypt

Every byte is sealed with a fresh, random AES-256-GCM key — generated for this file and this moment alone.

Point of no return
2
Destroy the key

The only key lives in locked memory, never written to disk, cache, or swap — then it’s shredded. No key, no decryption, ever.

3
Overwrite & release

What’s left is overwritten pass after pass; on SSDs the blocks are TRIM-released to the drive.

4
Verify & certify

We read it back to confirm nothing remains, and hand you an optional signed record that it’s truly gone.

The key is never stored in memory you don’t control, never cached, and never synced. Once it’s shredded, the math does the rest.

Trust, earned the honest way.

Read exactly how each power works, or just try it and feel the difference.