Sotto is a static page. There is no Postern server, no account, no telemetry, and no analytics.
Your API key and settings live in this browser’s localStorage; the conversation lives in this tab’s memory
and is gone when you close it. The honest ledger:
◮
Your words → Anthropic (when you send a message)
Each turn, the conversation text is sent from your browser directly to
api.anthropic.com, authenticated with your key — no middleman relays or logs it.
Anthropic processes it under your agreement with them (their usage and data-retention terms apply).
If you never send a message, nothing is ever transmitted.
◮
Your voice → your browser’s vendor (only while you hold to talk)
Voice input uses the browser’s Web Speech API. In Chrome and most browsers this
sends your audio to the browser vendor’s servers for transcription — so speech input is
not fully private. It is strictly push-to-talk: the microphone is captured only while you hold
the orb or the space bar, never in the background. Want zero audio leaving the machine?
Type instead — the text path is fully local until you hit send. The real product ships an
on-device Whisper (whisper.cpp/WASM) engine in the same slot.
●
Spoken replies — on-device
Text-to-speech uses your operating system’s voices via speechSynthesis. Audio is generated
locally and does not leave the device.
●
Key, settings, conversation — this browser only
API key + preferences: localStorage. With the optional lock set in Settings, the key is stored only
as AES-256-GCM ciphertext sealed under your passphrase; without it, it is readable in localStorage —
Settings says so plainly. Conversation + timers: tab memory only, never persisted.
“Erase everything” in Settings wipes all of it instantly.
What we won’t claim: Sotto is not “100% private.” Anything you send to a model necessarily
reaches Anthropic, and spoken input may reach your browser vendor. What Sotto guarantees is no extra
parties : no Postern servers, no resellers, no analytics — the only network destination in this page’s
code is api.anthropic.com. The source is one readable HTML file; verify it yourself.
Understood