Standard encrypted payloads stand out, raising suspicion immediately. Emoji Smuggle resolves this using advanced Unicode steganography. By leveraging hidden zero-width joiner characters (\u200C and \u200D), it embeds compressed, optionally encrypted binary payloads into plain-looking emojis.
To any observer, you are just sending standard emojis. To your recipient, it is a highly secure, private communication channel.
Emoji Smuggle operates as a seamless cross-platform steganography ecosystem:
graph TD
A[Web Platform - React/Vite] <--> E[Zero-Width Unicode Engine]
B[Android Application] <--> E
C[Browser Extension] <--> E
D[Dev SDK - npm package] <--> E
- Cyberpunk Console: Stunning high-fidelity interface with fluid Framer Motion animations.
- Image Smuggling: Encodes images (scaled with ultra-efficient client-side JPEG quantization) into emoji payloads.
- Open API Platform: Developers can trigger registration-free encoding/decoding API endpoints natively.
A fully-featured Kotlin & Jetpack Compose app featuring deep Android system-wide typing integrations:
- π In-Place Context Menus: Highlight text in any app (WhatsApp, Discord, Notes) and tap "Encode with Emoji Smuggle" or "Decode with Emoji Smuggle" to swap text instantly.
- π Smart Clipboard Auto-Detect: Detects copied stego payloads or normal text on focus and offers instant action pop-ups.
- π€ Native Share Sheet Hooks: Share texts/payloads directly to the app's translucent modal context sheets.
- π΅οΈ Floating Bubble Overlay: An optional draggable overlay service running as a foreground bubble for instant access over any application.
- Adds simple browser context-menu listeners.
- Select, right-click, and click "Encode Highlighted Text" or "Decode Emojis" to smuggle secrets in real-time.
A lightweight, zero-dependency, production-ready steganography engine for Javascript/Typescript backends or web frontends.
Install the package:
npm install emoji-smuggle-sdkimport { encodeMessage, decodeMessage } from 'emoji-smuggle-sdk';
// Encode a secret
const msg = encodeMessage("Meet at dawn π
", { carrier: 'cyberpunk' });
console.log(msg); // π΅οΈββββββββββββββββββββββββββββββββπ¦
// Decode the secret back
const secret = decodeMessage(msg);
console.log(secret); // Meet at dawn π
To secure the payload with custom encryption keys:
const encrypted = encodeMessage("Top Secret Agent Data", {
password: "super_secure_key",
carrier: 'ghost'
});
const decrypted = decodeMessage(encrypted, "super_secure_key");βββ android/ # Android Kotlin / Compose Native App
βββ browser-extension/ # Chrome/Edge Manifest V3 Web Extension
βββ emoji-smuggle/ # The npm SDK package source
βββ src/ # React & Vite Main Platform source
βββ public/ # Global static assets
- Install dependencies:
npm install
- Run development server:
npm run dev
- Build for production:
npm run build
To build and run the native Android app:
We have included portable, pre-configured PowerShell scripts in the root directory that automatically bind the included JDK 17 and compile the binaries:
- Debug APK Build: Run
.\build_android.ps1in PowerShell. - Release AAB & APK Build: Run
.\build_android_release.ps1in PowerShell.
The finalized release files will be generated directly in the project's root folder:
EmojiSmuggle-release-v5.aab(Google Play bundle)EmojiSmuggle-release-v5.apk(Direct installable APK)
To manually build using Gradle, ensure the JVM home in android/gradle.properties matches the compatible JDK 17 (major version 61) to avoid major-version exceptions:
org.gradle.java.home=c:/Users/setup/Videos/WEBSITES FOR CHANGES/emog/temp_jdk/jdk-17.0.19+10Then compile the release bundle and package via:
cd android
.\gradlew.bat bundleRelease assembleReleaseThe production packages are signed automatically during the build process using the local Java keystore file:
| Parameter | Value |
|---|---|
| Keystore File | release-key.jks (located inside android/app/) |
| Keystore Password | password123 |
| Key Alias | emojismuggle |
| Key Password | password123 |
- Open Chrome/Edge and go to
chrome://extensions/. - Toggle on Developer mode in the top right corner.
- Click Load unpacked in the top left corner.
- Select the
/browser-extensiondirectory inside this repository.
Our public stego API has absolute zero-barrier, requires no authentication headers, and does not record client logs:
curl -X POST https://api.emoji.subhan.tech/v1/encode \
-H "Content-Type: application/json" \
-d '{"payload": "Top secret target", "carrier": "random"}'curl -X POST https://api.emoji.subhan.tech/v1/decode \
-H "Content-Type: application/json" \
-d '{"encoded": "π΅οΈββββββββββββββββββββββββββββββββπ¦"}'Built with β‘ by Subhan Haider
Transforming innocent emojis into secure, invisible data carriers.