How Kink Negotiation works

Kink Negotiation is built around the assumption that what you put on a card is yours. Nothing about a card is searchable, indexable, or visible to anyone who doesn't have the link.

Every card sits in a database table with row-level security set to deny-all. The site's browser code never holds a database key — all reads and writes flow through a small set of server endpoints that authenticate with a private service-role key your browser never sees. If a card link isn't in someone's hand, there's no way for them to land on it.

On top of that, you can attach an optional 4–8 digit PIN at the moment you create a card. The PIN is hashed (salted scrypt) before it's stored, so even a server-side compromise of the database wouldn't reveal it. Anyone with the link still needs the PIN to open the card.

We also keep the request logs as minimal as possible: no analytics on the content of cards, no third-party tracking inside the wizard or the view page. The site uses anonymous Vercel page-view analytics for capacity planning only.

You don't need to sign up, give an email, or create a password to build and share a Kink Card. Open the site, confirm you're an adult, walk through the wizard, and you have a shareable link.

When you create a card, your browser stores a small private “edit key” in its own localStorage. That key is what tells the site you're the card's owner on that device — it's how Edit and Revoke work without us knowing who you are. The key never leaves your device unless you choose to sync the card to a TheDuchy account.

Signing in is entirely optional. If you have an active TheDuchy membership, you can sync a card to your account so it shows up in My Kink Cards across devices, so you can clone it as a starting point for a new scene, or so you can mark it non-expiring. None of those are required to use the core flow — they're just convenience for repeat users.

Every card has a share window between 1 hour and 30 days. You pick the length at the end of the wizard; the default is 7 days. After the window closes, the card stops being viewable: the link still exists, but anyone who opens it sees a “this card is no longer available” message, and the same is true for the QR code or any Apple Wallet pass that was added.

A scheduled job in the database runs daily and hard-deletes any expired card row. That deletion cascades through to any Wallet pass and device registration tied to the card, so the underlying data is gone from disk, not just hidden.

If you sync a card to your TheDuchy account, you can opt to make it non-expiring so it survives the cleanup. That's an explicit choice — un-synced cards always follow the timer. You can also revoke a card at any moment before its window ends, which is functionally the same as an early expiry.

Kink Negotiation contains explicit discussion of adult activities. It has no images, but it's intended for adults who are negotiating consensual scenes with other adults. You must be 18 or older — or the age of majority where you live — to use it.

The site shows an age-confirmation gate the first time you visit each device. The confirmation is stored locally on your device, not on our servers, so it's not tied to a personal identity. The gate is a content notice and a chance for you to pause and choose not to continue if this isn't a tool you want.

Beyond the gate, the site itself is opinionated about consent: cards default to “No,” consent is treated as revocable any time before or during a scene, and the card itself is framed as the beginning of a negotiation — not a contract. Sharing a card with someone is not a substitute for talking it through together.