Send Encrypted Files with Self-Destructing Links

Encrypted in your browser. Deleted after download.

The problem with file sharing

Email attachments sit in inboxes, backups, and compliance archives. Dropbox and Google Drive links stay active until someone remembers to revoke them. WeTransfer links expire, but the files aren't encrypted end-to-end. When the file contains credentials, SSH keys, or configuration secrets, every copy is a liability.

How encrypted file sharing works

1 Go to the tool and click the attachment button. Select the file (up to 20 MB). Your browser compresses it into a ZIP archive and encrypts it with XChaCha20-Poly1305 before anything is uploaded.

2 Set the view limit and expiry. For a single recipient, 1 view and a short expiry. The encrypted file sits on the server only until someone downloads it or time runs out.

3 Copy the link and send it. The decryption key is in the URL fragment. The server stores the encrypted archive and has no way to read it.

4 The recipient opens the link. Their browser downloads the encrypted archive, decrypts it, extracts the file, and presents the download. The server hard-deletes the ciphertext.

What gets encrypted

Everything. Your browser bundles the text (if any) and attached files into a ZIP archive, then encrypts the whole archive. The server stores a single encrypted blob. It can't tell whether the payload contains text, one file, or multiple files. The same cipher, the same key derivation, the same protocol used for text secrets.

Use cases

  • .env files with database URLs, API keys, and service credentials
  • SSH private keys that need to reach a teammate without going through email or Git
  • TLS certificates and private keys for deployment
  • Configuration files with secrets embedded
  • Any file that shouldn't persist in a chat log or email archive

How this differs from cloud file sharing

Dropbox, Google Drive, and OneDrive store files on their servers and control access through permissions. The files are encrypted at rest by the provider, but the provider has the keys. Revoking a link doesn't delete cached copies.

With Secret.Broker, the file is encrypted in your browser before upload. The server can't read it. After the view limit or expiry, the ciphertext is hard-deleted. No lingering copies, no permission lists to manage.

Large file handling

Files under 32 KB are stored inline in the database. Larger files are uploaded directly from your browser to object storage using a pre-signed URL. The server issues the upload URL but never handles the ciphertext itself. The 20 MB limit keeps the encryption fast enough for browser-based processing.

Free file attachments

Some tools charge for file sharing. Password Pusher starts at $19/month for file support. Secret.Broker includes file attachments up to 20 MB at no cost. No account, no paid tiers.

Share a File