What is the encryption process for uploads to my eyes only on Snapchat

1. What Snapchat says: a local, passcode‑locked vault that Snapchat can’t read

Snapchat frames My Eyes Only as a secure, password‑protected folder inside Memories where items are encrypted and inaccessible without the user’s chosen passcode, and it tells users that without that password “no one can view these things after they are saved in My Eyes Only — not even us,” while cautioning there’s no way to recover content if the passcode is forgotten ^{[1] [2]}.

2. How the community and guides describe the process—client‑side encryption and a PIN gate

How‑to guides and product explainers consistently describe MEO as a locally encrypted folder unlocked by a four‑digit PIN (or passcode) that the user sets; content marked for MEO is moved into that encrypted store and requires entry of the PIN to decrypt and view ^{[6] [7]}. Lay reporting and some educational writeups go further, describing the model as client‑side encryption where the device handles encryption/decryption and servers do not have plaintext access, though Snapchat does not publish an in‑depth cryptographic whitepaper confirming exact key management ^{[3] [8]}.

3. What technical investigators have found: artifacts, caches, and the PIN storage claim

Independent researchers and forensic practitioners have shown My Eyes Only is not an impenetrable black box in practice: forensic tools can recover and decrypt MEO content in certain scenarios, for example when snaps were previously viewed and remain in application caches or when device acquisition tools (like GrayKey referenced by forensic vendors) capture the needed data to decrypt Memories ^[5]. Community code and writeups claim the MEO PIN is stored in app data and that Snapchat saves the four‑digit PIN encrypted using bcrypt in the app database on Android devices, a detail that suggests the PIN is hashed locally rather than transmitted in plaintext—though that claim comes from independent reverse engineering rather than an official Snapchat disclosure ^[4].

4. Practical security implications and attack surfaces

The combination of client‑side encryption and a hashed PIN provides meaningful protection against casual access—someone who steals a phone and doesn’t know the MEO PIN should be blocked ^{[1] [7]}. But forensic recoveries and community tools demonstrate practical attack surfaces: rooted devices, physical extraction, device‑level caches, or specialized acquisition tools can expose decrypted or decryptable content if the device or app data are captured, and community code suggests brute‑force attempts against locally stored hashed PINs are possible on compromised systems ^{[5] [4]}.

5. Where reporting diverges and what remains uncertain

Official Snapchat messaging emphasizes user control and non‑access by Snapchat ^[1], while independent sources fill in technical claims—bcrypt for PIN storage and local decryption behaviors—that Snapchat has not publicly confirmed in detail ^{[4] [3]}. Some third‑party and educational accounts describe MEO as “end‑to‑end” in broader terms, but that language can conflate different models of client‑side encryption and sharing; the precise cryptographic key derivation, storage, and whether server‑side backups could ever enable recovery are not fully documented in the available public sources ^{[8] [3]}.

6. Bottom line for users and hidden agendas in reporting

MEO offers stronger protection than ordinary saved Memories by adding a passcode and local encryption layer that Snapchat says prevents even the company from viewing the content, but technical reporting shows real‑world weaknesses when devices are rooted, subject to forensic extraction, or keep decrypted caches; independent researchers and toolmakers highlighting those weaknesses sometimes have agendas—security vendors and forensic tool authors can benefit from publicizing exploits or support for MEO decryption—so their claims should be weighed against Snapchat’s official statements and the absence of a full technical disclosure by the company ^{[1] [5] [4]}.