u/maifee

I'm building a real-time desktop OTP application on Ubuntu and need to ensure the OTP window is never captured during screen sharing (Chrome, Zoom, OBS, Discord, etc.), even when the user shares their entire screen. It is basically an application which will always render on top on one corner, and keep refreshing the six digit token.

Modern Ubuntu uses PipeWire + xdg-desktop-portal for screen capture, which behaves differently on X11 vs Wayland. I'm looking for a reliable method to mark a window as "screen-capture-exempt" while keeping it visible, interactive, and properly managed by the window manager.

Specifically, I'd appreciate guidance on:

1. Does the EWMH _NET_WM_STATE_SKIP_CAPTURE atom work reliably with PipeWire/xdg-desktop-portal or major screen-sharing apps? Is it deprecated or compositor-dependent?
2. On X11, would setting override_redirect=true or using xprop/window hints reliably exclude the window from capture? What are the UX, focus, or WM integration trade-offs?
3. On Wayland, is there any official portal, DBus API, or compositor-specific hint to mark a window as private/sensitive, or is window-level capture exclusion intentionally impossible due to Wayland's security model?
4. For GTK/Qt applications, are there framework-level functions that indirectly affect capture behavior (e.g., window type hints, modal flags, transparency layers)?
5. If reliable programmatic exclusion isn't possible across sessions, what's the recommended fallback or security best practice for OTP/password apps on Linux? (e.g., clipboard clearing, secure input fields, user education, X11-only mode, etc.)
6. If none of these feasible, how can I rebuild xdg-desktop-portal and other necessary tools to exclude my application?

I'm open to X11-only solutions if necessary, but would prefer a forward-compatible approach. Code snippets, references to xdg-desktop-portal specs, PipeWire behavior documentation, or examples from existing open-source Linux OTP/password managers would be highly appreciated.