How to send a secret coded message (one that actually takes work to open)

A folded note slid across a classroom had one property worth remembering: only the right person was supposed to read it, and nobody could just screenshot it and forward it on. Most digital "private" messaging doesn't replicate that. Private usually means password-protected by someone else's server. Disappearing means something approximate. What the paper note had was a cover, something that looked like nothing to the wrong person, and a mechanism, something that kept the contents for one reader only.

If you want a message someone actually has to decode, you need both.

The cover is what everyone else sees

A coded message without a cover is just a locked box. The lock announces itself. What made the folded-note approach work was that it looked like nothing to anyone not meant to open it.

When you use GhostCode, you get two kinds of covers. The first is a photo. You pick an image, write your message, set a key, and what comes out looks like an ordinary JPEG. There's nothing in it that signals anything is hidden. The recipient opens the photo in the app, types the key, and reads the message. Anyone else just sees a photo of whatever you shot.

The second cover is a QR code. A standard scanner opens whatever link the code encodes. With a Decoy Link, that public link is exactly what it looks like: a real, working URL, something innocuous or contextually clever. The actual message sits beneath it, readable only through the app with the key you shared separately. Scan it with a camera, get the decoy. Open it in GhostCode with the right key, get the real thing.

Neither option requires accounts or a notification feed. The cover is the whole story to anyone without the key.

The clue is how they know to look

Giving someone a coded message is half the work. The other half is the signal: the thing that tells the right person something is there to find.

A few approaches that work in practice. A physical object with a QR printed into it: inside a card, attached to something they'll pick up, taped somewhere with meaning. The code looks like a contact card or a link to a playlist. It isn't. A photo sent through a normal channel, a picture of somewhere you've both been, or just something that seems unremarkable to anyone else. They know to open it in GhostCode. Nobody scrolling past does. A clue trail where each decoded message contains the next location: a park bench, a page in a specific book, a spot in the apartment. The messages chain easily because each one can point anywhere. The last one ends the trail.

The clue can be explicit, "open this in GhostCode," or it can be part of the puzzle itself. With the right crowd, an unusual image or a QR taped inside a book is signal enough without explanation.

What the message can carry, and who can read it

The message inside can be almost anything: a sentence, a paragraph, a URL, coordinates, another clue, something you'd only say in private. The constraint is the same as any message: the recipient needs the app and the key, and those two things arrive separately. The key doesn't travel with the code.

That separation is the point. You share the key another way: in person, by voice, in a previous conversation, or as part of the puzzle structure itself. The right person already has it. Someone who finds the QR or the photo without the key has nothing to open.

GhostCode also supports a Failsafe for situations where the cover needs to hold up under scrutiny. Set a second key and a second message alongside the real one. If someone pushes you to reveal the key, you give them the decoy. They open the message and see something harmless. The real message stays hidden. It's a feature that makes sense for anything where the cover actually matters, a scavenger hunt where participants might compare notes, a puzzle where the challenge includes misdirection.

And if timing is part of what you're building, a Self-Destruct layer makes the message un-openable after a set point. The clue exists for a window of time. Find it or you won't. From the sender's side this is just a setting at creation: pick when it expires. After that, the app won't open it again regardless of whether someone has the key.

Three ways this plays out

For a scavenger hunt: encode a QR into each clue card. Each message contains the next location. Decoy Link makes the code look like a website to anyone who scans it with a camera. Participants know to use the app; strangers who stumble on a card get a dead end.

For a partner: send a Pixel Ghosting photo, a moment you both remember, or just something ordinary. The message underneath says something you'd say in private. It arrives looking like a photo. It reads like a note. Set a timer and it's gone after two days, no trace in any app's history.

For an ARG or puzzle: layer the key into the puzzle structure. Maybe the key is the answer to a previous puzzle. Maybe the cover image is itself a clue. The recipient has to earn both the code and the key before the message reveals itself. You can build that however you want because the mechanism just requires: a key, a carrier, and a recipient who has both. Everything else is up to the puzzle.

None of this requires a shared server or a special account on both ends. The sender makes the code, shares the key however fits the scenario, and sends the cover through whatever channel makes sense. The decoding is on the other end.

For more on the photo approach specifically, there's a post on hiding a message inside a photo. For the QR side and how Decoy Link works in practice, see the post on putting a hidden message in a QR code.