How it works
Zero-knowledge file sharing in 5 steps. Your files are encrypted before they leave your browser.
- 1
Choose your file
Pick what you want to send. Size and expiry depend on your plan (Free: 50MB/24h, Plus: 500MB/7d, Ultimate: 5GB/30d).
- 2
We never see it
Your browser encrypts and splits the file using AES-GCM (256-bit). The decryption key never leaves your device—it's only in the link (after the
#). Our servers never receive the key or the original file, only encrypted fragments. - 3
Share the link
Send the full link to the recipient via email, Slack, WhatsApp, or any channel. Only someone with the complete link can open it before it expires.
- 4
They open it
Their browser fetches encrypted fragments, decrypts them locally using the key from the URL, and reassembles the file. We never see the decrypted content—it only exists in their browser.
- 5
It disappears
When the link expires or hits its open limit, the encrypted fragments are automatically deleted from storage. We can't recover the file or the key—if the link is lost, the file is gone forever. That's by design.
Technical Details
Encryption
AES-GCM 256-bit encryption happens entirely in your browser using the Web Crypto API. Keys are generated client-side and never transmitted to our servers.
Fragment Storage
Files are split into encrypted chunks and stored on Cloudflare R2 (S3-compatible). Each chunk is individually encrypted and cannot be decrypted without the key.
URL Fragment Security
The decryption key is in the URL hash (after #), which browsers never send to servers—even in HTTP referrer headers. This ensures zero-knowledge.
Auto-Deletion
Encrypted fragments are deleted when transfers expire, are consumed (view-once), or exceed max opens. No plaintext data is ever stored.
Ready to try it?
Send your first file in seconds. No account required.