Zero-knowledge encryption — your key never leaves your device

Share secrets that self-destruct

Passwords, API keys, files — encrypted in your browser with AES-256, shared via a one-time link. The server never sees your data. Ever.

AES-256-GCM
Burn after read
No account needed
Create a SecretSee how it works
AES-256-GCM Encryption
Zero Knowledge
Self-Destructs
Client-Side Keys
No Plaintext Stored
No Account Required

Features

Everything you need to share safely

No compromises. No accounts. No data retention. Just the right tools to share sensitive information without the risk.

Client-side encryption

Your secret is encrypted in your browser using AES-256-GCM before a single byte leaves your device. We store only ciphertext.

Burn after reading

Set a view limit — 1 view, 5 views, or any number. The moment that limit is hit, the secret is permanently deleted from our servers.

Time-based expiry

Set a deadline: minutes, hours, or days. Whichever hits first — the view limit or the time limit — triggers permanent deletion.

Any file type

Drag and drop any file — PDFs, zip archives, certificates, images, videos. Encrypted before upload, up to 500MB.

Password protection

Add an extra layer with a password. Recipients need it to view — the password is never stored, only a hash for verification.

QR code sharing

Every secret gets a QR code. Save it, print it, or let someone scan it directly. No link required.

Rich previews

Recipients can preview images, stream videos, read PDFs, and view syntax-highlighted code — all before downloading.

Auto-send with Brevo

Enter recipient emails and we deliver the link, QR code, and password directly to their inbox via encrypted transactional email.

Syntax highlighting

Paste code, config, environment variables, or JSON. Automatic language detection with beautiful syntax highlighting.

How it works

Simple. Secure. Gone.

01

Paste or upload

Type a secret, paste a password, or drop any file. Choose your expiry: by views, by time, or both.

02

Encrypted in your browser

Your data is encrypted client-side using AES-256-GCM. The encryption key never leaves your device — it lives in the URL fragment.

03

Share the link or QR

Copy the link, download the QR code, or let us email it directly to your recipients with optional password included.

04

Self-destructs on access

When opened, the secret is decrypted locally in the recipient's browser. Once the view limit or time limit is hit, it's gone permanently.

Ready to share safely?

No sign-up. No tracking. No data retained after it self-destructs. Just a link that vanishes when it should.

Create your first secret