How Invisible Screen Share Technology Actually Works

Windows: SetWindowDisplayAffinity

On Windows 10 version 2004 and later, Microsoft provides a function called SetWindowDisplayAffinity in the Win32 API. This function controls how the Desktop Window Manager (DWM) handles a specific window during screen capture operations.

SetWindowDisplayAffinity(hwnd, WDA_EXCLUDEFROMCAPTURE)

When a window has WDA_EXCLUDEFROMCAPTURE set, the DWM excludes it from all capture surfaces. This means the window is invisible to:

• → Zoom, Google Meet, Microsoft Teams screen sharing
• → Discord Go Live and screen share
• → OBS Studio and other recording software
• → Windows Snipping Tool and Print Screen
• → Any application using BitBlt, DirectX, or DXGI capture

How It Works Under the Hood

The Desktop Window Manager (DWM) is the compositing engine that renders all windows on your screen. When a capture API requests a frame of the desktop, DWM composes the final image. Windows with the exclusion flag are simply not included in that composition — they're rendered to your physical display but omitted from the capture surface. This happens at the OS level, below any application code.

The key insight is that the exclusion happens in the compositor, not in the capture application. This means individual apps (Zoom, OBS, etc.) cannot override it. They receive a frame that never contained the excluded window in the first place.

Requirements and Limitations

macOS: NSWindow.sharingType

On macOS, Apple provides a similar mechanism through the NSWindow.sharingType property. Setting it to .none excludes the window from screen capture, screenshots, and screen recordings.

window.sharingType = .none

This works identically to the Windows approach — the window manager (WindowServer on macOS) omits the window from capture surfaces at the compositor level. The API was originally designed for DRM content protection, which is why QuickTime Player and other video players use it for protected content.

What This Protects Against (and What It Doesn't)

The protection is comprehensive against all digital capture methods because it operates at the compositor level. Physical capture (cameras, capture cards) bypasses the software stack entirely and cannot be prevented by any OS-level mechanism.

Why Operating Systems Provide This Feature

These APIs weren't built for interview tools. They exist because the OS needs to support applications that display sensitive content:

• →Password managers — need to show credentials without them appearing in screen recordings or shared screens during presentations
• →DRM video players — Netflix, Disney+, and other streaming services use capture exclusion to prevent screen recording of protected content
• →Enterprise security tools — data loss prevention (DLP) overlays and security dashboards that shouldn't be visible in shared presentations
• →Banking applications — financial apps that display sensitive account information

The APIs are public, documented, and available to any application. There's no special permission or certificate required. Any window can set these flags.

How Shadow Claude Implements Stealth Mode

Shadow Claude applies the display affinity flag immediately when the application window is created. The overlay window is configured as always-on-top, frameless, transparent, and excluded from screen capture — all before any content is rendered.

On Windows, this means calling SetWindowDisplayAffinity with the window handle during the Tauri setup hook. The window is also hidden from the taskbar and configured without decorations (no title bar, no borders), so there's no visual trace of the application in the Windows UI.

The stealth mode can be toggled at runtime if needed — for example, if you want to screenshot the overlay itself for debugging. But during normal operation, it stays enabled from launch to close.

How to Verify Invisibility