crypt.fyi - Secure Secret Sharing with Zero-Knowledge End-to-End Encryption

From an author:

I wanted to share crypt.fyi - a free, open-source tool I built for securely sharing sensitive data/files. It uses client-side encryption and zero-knowledge architecture.

Key features:

- Zero-knowledge architecture- End-to-end encryption using AES-256-GCM (actively investigating post-quantum encryption options)- Self-hostable- Suite of configurations (password, burn after read, max read count, ip/cidr-allow list, webhooks)- Strict rate-limiting- Strict CSP to mitigate supply chain attacks- Web, cli, and chrome-extension clients- Fully open source (Github)

The problems I aimed to solve: Many people share sensitive info (passwords, keys, etc.) through email, Slack, or SMS - which often leaves plaintext copies in multiple places. Existing solutions either require accounts, aren't open source, or have security/privacy/ui/ux/feature/config gaps/limitations.

crypt.fyi is built with privacy-first principles:

- No logging of sensitive data- No analytics or tracking- Separation of web and api servers- All encryption/decryption happens client-side using shared cross-platform cryptography primitives from noble cryptography- TLS encryption for all traffic- Encrypted data is automatically destroyed after being read with strong guarantees around once-only reads

The entire codebase is open source and available for review. I'd love to get feedback from the privacy community on how to make it even better!