Secrets

Security

Threat Model

Secrets is designed to protect against server compromise and network eavesdropping. We assume the client (your browser) is trusted and secure.

What We Protect Against

  • Server breach: Even if our server is compromised, attackers cannot decrypt stored secrets without the keys (which never reach the server).
  • Network interception: All data is encrypted client-side before transmission. HTTPS protects metadata, but even without it, plaintext secrets are never transmitted.
  • Database leaks: The database contains only encrypted ciphertext, tokens, and expiration timestamps. No plaintext or keys.
  • Accidental sharing: Links work only once. After viewing, the secret is gone forever.
  • Long-term exposure: Secrets expire automatically based on your chosen TTL.

What We Do NOT Protect Against

Be aware of these limitations:

  • Client compromise: If your browser or device is infected with malware, your secrets can be stolen before encryption.
  • Phishing: If you share the link with the wrong person, they can access the secret.
  • URL leaks: The link contains the encryption key. If the link ends up in browser history, or is pasted into logs or analytics tools, the key may be exposed.
  • Screenshot or copy: After decryption, the recipient can screenshot or copy the secret. We cannot prevent this.
  • Browser extensions: Malicious extensions can read page content or intercept the clipboard.
  • Man-in-the-middle on initial load: If you load this site over a compromised connection the first time, malicious JavaScript could be injected. Use HTTPS and verify the domain.

Encryption & Key Handling

Encryption Algorithm

We use AES-256-GCM, a modern authenticated encryption algorithm. It provides both confidentiality and integrity. The 256-bit key ensures strong protection against brute-force attacks.

Key Generation

Encryption keys are generated using the Web Crypto API (crypto.getRandomValues), which provides cryptographically secure random numbers. Keys are 32 bytes (256 bits) of random data.

Key Storage

Keys are never stored on the server. They remain in the URL fragment (the part after #), which is processed only by the browser. The server never sees or logs URL fragments.

IV (Initialization Vector)

Each secret uses a unique 12-byte IV, generated randomly for every encryption operation. This ensures identical plaintexts produce different ciphertexts.

Data Retention

  • Secrets are deleted immediately after retrieval (one-time access).
  • Unread secrets are deleted automatically after the chosen TTL expires.
  • We do not keep backups of secrets.
  • Deleted secrets cannot be recovered.

Infrastructure

  • Hosted behind Cloudflare with TLS 1.3.
  • Database stores only encrypted ciphertext, tokens (UUIDs), and expiration timestamps.
  • No logging of IP addresses or user behavior.

Recommendations for Users

  • Share links through secure channels (Signal, encrypted email, etc.).
  • Verify the recipient before sharing.
  • Use the shortest possible TTL for your use case.
  • Never paste secret links into untrusted platforms or analytics tools.
  • Use HTTPS and verify the domain before entering sensitive data.

Reporting Security Issues

If you discover a security vulnerability, please report it responsibly. Contact us at [email protected]. Do not disclose publicly until we've had time to address it.