It's been a long journey. What started as frustration with emailing myself links has become a focused Core and Ops product with encrypted transfer, encrypted rooms, native clients, and production launch evidence attached.
Core and Ops are in final launch readiness. The remaining public-launch commercial gate is store and RevenueCat sandbox evidence for purchases and restore.
What's Launching
The launch scope is:
- Windows — Desktop app with system tray integration
- iOS — iPhone and iPad app for Core and Ops
- Android — Full app with background sync
- PWA — Companion Ops surface, not the primary native client
The release evidence now covers production backend health, Redis/Valkey, domain and socket-origin policy, Core pair/clip/file/revoke flows, and mixed-platform Ops room rotation, message, file, and removed-member behavior.
Core Features at Launch
- Encrypted transfer — Clipboard and file payloads are encrypted before they leave your device
- End-to-end encryption — AES-256-GCM encryption with zero-knowledge architecture
- Device pairing and revoke — Pair devices, transfer, and remove access when needed
- Ops rooms — Invite members, post encrypted messages and files, rotate keys after removal, and keep an audit trail
- Honest launch scope — Native push and browser-extension sync stay out of launch claims until their end-to-end evidence exists
Pricing
Paid plans are handled through the Apple App Store and Google Play via RevenueCat. Purchase and restore flows are implemented in the apps, but public paid-launch claims wait on dashboard, product, public-key, entitlement, and sandbox receipt evidence.
We chose this model because:
- Running secure, real-time sync infrastructure costs money
- We want to build a sustainable business, not chase growth metrics
- A subscription aligns our incentives with yours — we only succeed if you keep using Quilon
No ads and no selling your data. Web and Windows direct users to the mobile apps for subscriptions; there is no web checkout.
What's Not in the Launch Claim
These items stay out of launch copy until they are implemented and proven:
- Native push — APNs/FCM delivery remains deferred until signed-device evidence exists
- Browser extension sync — The extension listing is limited to screenshot and local scanning unless sync QA is completed
- Share/keyboard extensions — iOS extension claims wait until App Groups and extension flows are production-proven
- Socket.IO horizontal scale — Render stays single-instance until a Redis adapter is implemented and verified
Join the Community
We've set up a Discord server where you can chat with us, report bugs, request features, and connect with other users. Join us:
Thank You
Building Quilon has been an incredible experience. Thanks to everyone who's followed along, given feedback, and encouraged us to keep going.
Thanks for following the launch hardening work.