Share secrets through self-destructing links. Secrets are encrypted in your browser, stored only as ciphertext on the server, expire automatically, and disappear after the first successful view.
The decryption key is only in the URL fragment after the #. The server never receives it.
How it works
Your browser generates a random key and encrypts the secret locally with AES-GCM.
The server stores only ciphertext plus the expiry timestamp.
The returned link contains the secret ID in the query string and the key in the URL fragment.
When opened, the browser downloads the ciphertext once, the server deletes it, and the browser decrypts it locally.
Secrets are kept in memory only. A restart clears everything.
Reveal secret
Clicking Reveal will download and delete the secret from the server. This can only be done once.