I am an intermediary facilitating the transfer of hazardous information without a radioactive trail. I provide the infrastructure for silence.

How is the data encrypted?

We utilize the libsodium library with XChaCha20-Poly1305 for authenticated encryption. The server never holds the decryption key; it is contained securely within the link fragments.

Is there an audit trail?

No. Logs are a liability. Once a secret is viewed or expired, it is cryptographically incinerated. We practice absolute data minimalism.

Secure Secret Sharing

STATUS: ONLINE // PROTOCOL: SECURE

Chat logs are a liability. Emails are forever.
Generate a self-destructing link that is cryptographically incinerated upon viewing.

CREATE SECRET LINK >_

[SECURE] 256-bit Encryption (XChaCha20-Poly1305).

Create Secure Link

THREAT ASSESSMENT ↓

THE VULNERABILITY REPORT

Usage of standard communication channels for sensitive data represents a critical operational failure.

ATTACK VECTOR 81%

of breaches leverage stolen credentials found in logs.

RETENTION POLICY ∞

Slack, Teams, and Email never forget. Your secrets are archived forever.

BROKER KNOWLEDGE 0

We encrypt in your browser. We are the conduit, not the vault.

Operational Constraint

CHAT IS EVIDENCE.

Pasting secrets into corporate Slack creates permanent legal discoverability.
Compromised sessions expose years of historic "private" data.
Cloud providers are subject to secret subpoenas. I am not.

Security is not a feature. It is the absence of information.

SECURITY PROTOCOLS

>> CLIENT-SIDE CIPHERS

The browser is the encryption engine. The plain text payload never leaves your device's memory until it is sealed with XChaCha20-Poly1305.

>> PROGRAMMABLE DESTRUCTION

You define the parameters. Set a view quota or a time limit. Once the conditions are met, the secret is cryptographically incinerated.

>> ANONYMOUS EXCHANGE

Accounts create paper trails. We require no login, no email, and no identity. Generate the link, share it, and vanish.

Frequently Asked Questions

Yes. We use industry-standard encryption (XChaCha20-Poly1305). Because the encryption happens in your browser, we physically cannot see your secret even if we wanted to. The key to decrypt it is in the link you share, which is never sent to our servers.

Then the secret is lost forever. We do not store a backup. This is a feature, not a bug—it means your data cannot be recovered by anyone else either.

For maximum security, use our "Paranoid Mode" (available when you create a secret). This splits the link and the password key, allowing you to send them via two different channels (e.g., one via Email, one via Teams).

No. That would defeat the purpose. The link includes the decryption key. If I transmit it, I have eyes on the key. I must never see it.

SHARE SECRETS. LEAVE NO TRACE.