
Maximum Security gives you a live browser-to-browser session secured by authenticated X3DH-style setup plus ML-KEM-768 hybrid key agreement. Team Split brings threshold cryptography — previously the domain of HSMs and enterprise key vaults — entirely into your browser.
Browser-side encryption. Trust-minimized architecture. Storage behavior depends on the mode you choose.
Standard mode: AES-256-GCM, recipient opens within 15 min up to 30 days
Maximum Security: browser-to-browser P2P, so the secret payload is not stored server-side in this mode
ML-KEM-768 (NIST FIPS 203) hybrid key agreement in Maximum Security mode to reduce harvest-now-decrypt-later risk
Shamir's Secret Sharing: require 2-of-3 or 3-of-5 approval before anyone can read the secret
Built with cutting-edge encryption and privacy technologies to keep your secrets safe.
Maximum Security mode combines authenticated X3DH-style session setup with ML-KEM-768 hybrid key agreement and per-message symmetric ratcheting for short-lived browser-to-browser transfers.
Send a secret without waiting for the recipient. They open it anytime within 15 minutes up to 30 days — encrypted with AES-256-GCM, key never leaves the URL fragment.
Each async secret link is intended for single use. After the recipient opens it successfully, the ciphertext is deleted and the link becomes invalid.
Our servers never hold your encryption keys. All cryptographic operations happen in your browser via Web Crypto API. For P2P sessions, compare the safety number with your recipient to confirm the connection is direct.
Operated from Romania, EU. All infrastructure within AWS eu-central-1. Analytics only after explicit consent. GDPR-first by design. Data export and deletion on request.
Know the moment your secret is opened — real-time delivery status in the sender UI. Changed your mind? Revoke any unread secret instantly, even hours after sharing the link.
Generate a request link and ask someone to send YOU a secret — only you can decrypt it. Built-in templates for SSH keys, database credentials, API keys, and Wi-Fi passwords.
Split a secret into N shares with a k-of-n threshold: any 2-of-3 or 3-of-5 holders can reconstruct it, but no single holder can access it alone. 100% client-side, with share material kept out of server storage.
Three modes for different threat models. Choose the one that fits your situation.
Type your secret and choose an expiry — 15 minutes up to 30 days, or a custom date. AES-256-GCM encryption key is generated randomly in your browser.
A unique link is generated with the encryption key hidden in the #fragment — invisible to our server. Copy it or share via QR code.
The recipient clicks the link whenever they're ready — no scheduling needed. The secret is decrypted locally in their browser.
After the first successful view, the link is invalidated immediately and the ciphertext is removed from the server shortly after. The key was never sent because it stayed in the URL fragment.
Trusted by privacy-conscious individuals and teams worldwide.
Securely share login credentials, access codes, and sensitive account information.
Send private messages, private voice messages, confidential documents, or secure access links.
Safely onboard new clients or team members with temporary access credentials.
Send now, they open when ready. No scheduling, no simultaneous presence required.
Distribute API keys, recovery codes, or critical credentials requiring 2-of-3 or 3-of-5 approval before anyone can access them.
For anyone who values privacy, security, and peace of mind in digital communication.
Every plan starts with a 14-day free trial — full access, no credit card required.
Async one-time secret sharing for individuals
14-day free trial included
Add hybrid P2P for high-security transfers
14-day free trial included
Full suite: files, voice & k-of-n team approval
14-day free trial included
Need a custom plan for a larger team? Contact us.
Trust-minimized, browser-side encryption for your most sensitive information. Start sharing secrets securely today.