All secrets are end-to-end encrypted. We generate a random hash to encrypt your secret on the client using AES-256-GCM (Advanced Encryption Standard - Galois/Counter Mode). The encryption key is never stored, but added to the secret link itself. Without the full link, nobody (including us) will ever be able to decrypt your message.
If a password is provided, we use it to encrypt your secret on top of the standard encryption. Even with access to all our infrastructure, an attacker couldn't read your message. After a secret has been viewed, we delete it permanently from our database. There is no backup.
Security by Design
-
Zero Trust Architecture – We assume that no entity (internal or external) is inherently trustworthy.
-
End-to-End Encryption – All connections are secured via HTTPS. Data is encrypted in transit and at rest to prevent unauthorized access.
-
Minimal Attack Surface – We reduce complexity and exposure by limiting the number of services, entry points, and dependencies in a system.
-
Regular Updates – We keep dependencies up to date to mitigate vulnerabilities.
-
Full Transparency – All code is open-source on Github
-
Automated Security Testing – We use automated tools to detect vulnerabilities in dependencies.
Infrastructure
Trusted players, few dependencies. We chose industry leaders to host our infrastructure:
- Vercel: Website & Postgres Database
- Flow Swiss AG: Object Storage (Files)