StillHere monitors whether you've checked in. If you go silent for too long, your in-app alerts, messages, and files are delivered inside StillHere to the people you trust — without needing you to do anything.
If you stop responding — the people who matter most will know.
StillHere runs quietly in the background. You check in regularly. If you don't, your trusted StillHere contacts are automatically notified in the app and can receive your staged messages and files there.
Choose Direct Mode for a simple non-response alert, or Guardian Mode for server-backed in-app delivery of staged messages and files. Configure your check-in interval — anywhere from 8 hours to 7 days.
Write messages and upload documents you'd want delivered. Assign each one to specific people in your Trusted Circle — different people can receive different content, with unique secure download links.
When you're active, a single "I'm Here" check-in resets your timer. If a warning arrives and you're okay, just tap it. If you don't respond within the grace period, the system takes over automatically.
Choose the mode that fits your situation. Both support StillHere app recipients now, while off-app delivery is planned for a future update.
When your device becomes unreachable or you stop responding, a simple in-app alert is sent to the StillHere contacts you've selected. No staged messages. No files. Just a notification that something may be wrong.
The server holds your messages and files until you stop responding. After your heartbeat interval and grace period expire, the backend verifies your eligibility and delivers everything to StillHere app recipients through push and the in-app inbox. Email and SMS delivery are planned for a future update.
The server tracks exactly where you are in the monitoring cycle. Here's the full state machine that runs silently on your behalf.
← swipe to see full diagram →
You've activated Guardian Mode. The server owns your timer. Each check-in resets the countdown from that moment.
The server sends a warning push to your device. Tap "I'm Here" to immediately reset the timer. No action needed beyond that.
Your check-in interval expired. The grace period (configurable) is your final window. You can still check in and reset normally.
The backend verifies your eligibility, then delivers all staged messages and file links to their assigned StillHere contacts via push and the in-app inbox.
How often you must check in. Choose a cadence that fits your life — daily, every few days, or weekly.
Time after the deadline before delivery fires. A buffer for situations where you're delayed but still reachable.
Compress timers to 5 minutes minimum so you can verify the full Guardian flow without waiting days. Disable before going live.
Not everyone in your circle gets the same thing. You decide exactly who receives which message or file — and each recipient gets a unique, secure download link.
Share your QR token in person. They scan it and are immediately added to your circle.
Search by the exact email address of an existing StillHere user.
Find users by partial username match — fast and simple.
Look up users by their exact XRPL wallet address if they've linked one.
When Guardian Mode triggers, the backend currently delivers through StillHere app channels only. Email and SMS are being held back until they are production-ready.
Email delivery is not active right now. When it returns, messages and secure file links will be sent to approved recipients.
SMS delivery is not active right now. It will return later once routing, compliance, and cost controls are ready.
If the contact has StillHere installed, a push notification is delivered directly to their device. Stale or unregistered tokens are pruned automatically.
Write what you want your loved ones to know. Each message has a title and body. Assign to one or many contacts. The message title and body are delivered in full, per recipient, through the StillHere app and push notifications.
Upload documents, photos, or any file up to 100 MB. Each recipient gets a unique, tokenized download link — not a shared URL. Links expire after a configurable number of days. The server tracks the first download timestamp.
failed. The trigger record and delivery logs capture the full outcome regardless.
Guardian Mode requires verified access. You can use either an active in-app subscription or a linked XRPM wallet — whichever fits you.
Purchase a Guardian Mode subscription through the App Store or Google Play. As long as your subscription is active, you have full access — no wallet required.
Link your XRPL wallet via the XRPM app. You can configure your entire Guardian setup with just a linked wallet — the 1,000 XRPM balance is only checked when delivery would actually trigger.
paused, and you'll need to resolve eligibility and reactivate manually. This prevents infinite retry loops.
StillHere is designed for a sensitive use case. Every technical decision reflects that.
Refresh tokens are stored as SHA-256 hashes — the raw token is never written to disk. Even a full database compromise cannot be used to impersonate users.
JWT access tokens expire in 15 minutes. Refresh tokens rotate on each use — a stolen token is invalidated the moment the legitimate user next refreshes.
File downloads use unique, 32-byte random tokens — not sequential IDs. Each recipient gets a different token. Links expire. First-download timestamps are tracked.
File names in Content-Disposition headers are stripped of all CR, LF, NUL, and quote characters — preventing header injection attacks.
Cross-origin requests are only allowed from explicitly configured origins. If no ALLOWED_ORIGINS list is configured, all cross-origin requests are blocked by default.
5xx server errors return a generic message to clients. Internal stack traces and database error details stay server-side and never reach the API response.
XRPM login uses a nonce-based challenge-response protocol. Nonces are stored in PostgreSQL with expiry and consumed on first use — replay attacks are blocked at the database level.
Files and messages can only be assigned to contacts already in your Trusted Circle. The server verifies every recipient assignment before writing to the database.
Every delivery attempt — success or failure — is written to delivery_logs with channel, status, and error detail. Nothing is silently dropped.
Three sign-in methods, one account. Link your XRPM wallet later if you want Guardian Mode without a subscription.
Use Apple ID for privacy-first sign-in. Apple may relay your email address — your account still works fully either way.
Use your Google account for quick sign-in. Profile name and verified email are synced automatically.
Open the XRPM app to sign a cryptographic challenge. No password. No email required. Unlocks Guardian Mode with 1,000+ XRPM.
Set up once. Check in when you can. StillHere handles the rest — quietly, reliably, and only when it truly matters.
Mobile app coming soon. Server infrastructure is live.
Built by Lunexa