real persistence

A database, from a static site.

Leave a message — it saves to a real database the moment you hit send. The browser talks to it directly, secured by row-level security. There is no server in between. Currently saving to: your browser (demo).

Messages are capped at 280 characters and rate-limited. You can delete anything you posted from this browser.

Messages

How is a public database safe from the browser?

The key in this page is Supabase's public anon key — it's meant to be shared and grants nothing on its own. Safety comes from the database, not from hiding the key (the service_role key is never shipped to the browser).

The browser can't write to the table directly. Posts and deletes go through locked-down database functions that cap message length, rate-limit per IP, bound total rows, and let you delete only your own messages. Reads expose nothing but name, message, and time.

Want the exact recipe? It's in db.sql and the README.

Built with Therapy.jl · hosted free on the edge by SnapshotSnapshot ↗