How does it work?

The payload is encoded inside the container message by converting its UTF-8 bytes into invisible characters. Each pair of two bits gets encoded using one of the following unicode characters: combining grapheme joiner (U+034F), zero width space (U+200B), zero width non-joiner (U+200C), zero width joiner (U+200D). Because these characters are not visibly printed by most programs (including the browser), the payload appears not to be part of the resulting output text. This trick comes at a cost, though: using UTF-8, each byte of the payload is encoded by 8, 9, 10, 11 or 12 bytes (i.e. 4 invisible characters each consisting of 2 or 3 bytes), which means the payload can become 12 times as big inside the container message. In order to mitigate this, the payload is compressed first using the Lempel–Ziv–Markov chain algorithm (LZMA), if effective.