build 0.1.0·aes-256-gcm / post-quantum·eu/de·ram onlyrelay online
VERIFIED TRANSFER
02parashare

Encrypted file relay.

End-to-end encrypted transfer. The receiver's browser generates a keypair — you verify the fingerprint before encrypting. The relay never sees plaintext.

how a verified transfer works
  1. Recipient opens the link. Their browser generates an ML-KEM-768 + ECDH P-256 keypair locally.
  2. Fingerprint shown. A SHA-256 fingerprint of the public key appears as 8 short words and a QR code.
  3. Out-of-band verification. Sender asks recipient over Signal / phone / in person: "What's your fingerprint?" Recipient reads the words. Sender confirms match.
  4. Encryption. Sender's browser encrypts the file with AES-256-GCM using a key derived from ML-KEM-768 + ECDH P-256 hybrid handshake.
  5. Burn-on-read. Recipient downloads — file is destroyed on relay.
expiry options
  • 30 seconds (lightning)
  • 5 minutes (chat)
  • 1 hour (email)
  • 24 hours (work day)
vault mode

Send multiple files to the same recipient session. The keypair is reused while the page is open — burn-on-read still applies per file.