If an image is uploaded from camera roll to my eyes only on Snapchat is it encrypted client side during the upload process or is it private

1. What Snapchat says: a passcode‑protected, encrypted vault on the device

Snapchat’s own help pages describe My Eyes Only as content that is moved from Memories into a section you can only open by entering your MEO passcode, and that you must enter the passcode to see those Snaps again ^[1]. Consumer guides and Android‑focused reporting summarize Snapchat’s framing the same way — MEO adds “an extra layer of protection,” keeping selected content “safe and encrypted” behind a chosen code ^[2]. Community support posts reiterate Snapchat’s claim that without the password “no one can view the things you saved on My Eyes Only — not even us,” and warn that if the password is forgotten there’s no recovery ^[5].

2. Evidence that encryption/decryption happens on the client side

At least one independent guide infers that MEO’s encryption and decryption “occur entirely on the user’s device” and that “Snapchat’s servers never have access to the unencrypted content or the encryption key,” adding that uploads into MEO must be done via the mobile app ^[3]. This aligns with Snapchat’s emphasis on a local passcode and the company’s messaging that they cannot view MEO content without the passcode ^{[1] [5]}.

3. Practical caveats: local caches, device access and forensic tools

Forensics practitioners have demonstrated limits to “private” or purely client‑side guarantees. Tools and analyses show that My Eyes Only snaps can be recovered and decrypted if the snaps were viewed locally and remain available in the app’s media cache, and commercial forensic platforms updated to support MEO decryption under those conditions ^[4]. In practice, a physical or logical acquisition of the device — or an exploit such as GrayKey in forensic workflows — can expose data that Snapchat’s passcode alone would not protect ^[4].

4. The weak link: PIN storage, brute force and rooted devices

Technical posts and open‑source scripts highlight further attack vectors: the four‑digit MEO PIN is stored on Android devices (reported as bcrypt‑hashed in Snapchat’s memories.db path), and researchers have produced automated brute‑force scripts that operate on rooted devices, illustrating that a determined attacker with device access and root capabilities can attempt PIN recovery ^[6]. That reality narrows the protection model: encryption helps, but device compromise or local forensic access undermines it.

5. Marketing, academic and third‑party claims — and their limits

Some third‑party explainers and university pages describe MEO in stronger terms, even using phrasing like “end‑to‑end encryption” or asserting that “the platform itself cannot access” the content ^[7]. These representations echo Snapchat’s marketing but go beyond what Snapchat explicitly documents: independent sources note Snapchat does not publish full technical specs of MEO’s implementation, so definitive claims about key management or server behavior are inferences rather than confirmed design statements ^[3].

6. Bottom line: client‑side encryption with realistic boundaries

The best reading of available reporting is that My Eyes Only is designed to encrypt/decrypt content on the device and to require a local passcode that Snapchat says it cannot bypass ^{[1] [2] [3]}. However, client‑side encryption is only one piece of security: if an attacker gains physical access to the device, can extract app caches, exploit a rooted device, or leverage specialized forensic tools, MEO content has been shown to be recoverable in practice ^{[4] [6]}. Where sources are silent — for example, full cryptographic protocols and exact key‑handling by Snapchat — reporting cannot assert specifics beyond the inferences and vendor statements available ^[3].