this post was submitted on 27 Jan 2025
56 points (95.2% liked)

Privacy

From an author:

I wanted to share crypt.fyi - a free, open-source tool I built for securely sharing sensitive data/files. It uses client-side encryption and zero-knowledge architecture.

Key features:

- Zero-knowledge architecture
- End-to-end encryption using AES-256-GCM (actively investigating post-quantum encryption options)
- Self-hostable
- Suite of configurations (password, burn after read, max read count, ip/cidr-allow list, webhooks)
- Strict rate-limiting
- Strict CSP to mitigate supply chain attacks
- Web, CLI, and Chrome-extension clients
- Fully open source (GitHub)

The problems I aimed to solve: Many people share sensitive info (passwords, keys, etc.) through email, Slack, or SMS - which often leaves plaintext copies in multiple places. Existing solutions either require accounts, aren't open source, or have security/privacy/ui/ux/feature/config gaps/limitations.

crypt.fyi is built with privacy-first principles:

- No logging of sensitive data
- No analytics or tracking
- Separation of web and api servers
- All encryption/decryption happens client-side using shared cross-platform cryptography primitives from noble cryptography
- TLS encryption for all traffic
- Encrypted data is automatically destroyed after being read with strong guarantees around once-only reads

The entire codebase is open source and available for review. I'd love to get feedback from the privacy community on how to make it even better!
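
The client-side encryption and burn-after-read flow described in the post, as an added example that is not part of the original post and is not crypt.fyi's code. It assumes Node's built-in `crypto` module in place of the noble primitives, and `BurnAfterReadStore`, `encryptSecret`, `decryptSecret` and `demo` are hypothetical names standing in for the server and client sides.

```javascript
// Added illustration, not crypt.fyi's implementation. Node built-in crypto only.
const { randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// Client side: encrypt under a fresh 256-bit key that is never sent to the server.
function encryptSecret(plaintext) {
  const key = randomBytes(32);
  const iv = randomBytes(12); // 96-bit GCM nonce; must never repeat under one key
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // Wire format (assumption for this example): iv || 16-byte tag || ciphertext
  const blob = Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
  return { key: key.toString('base64'), blob }; // blob goes to the server, key to the recipient
}

// Client side: final() throws if the tag does not verify (tampered blob or wrong key).
function decryptSecret(blob, keyB64) {
  const raw = Buffer.from(blob, 'base64');
  const key = Buffer.from(keyB64, 'base64');
  const decipher = createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// Hypothetical in-memory server: holds opaque blobs and deletes each on first read.
class BurnAfterReadStore {
  constructor() { this.items = new Map(); }
  put(blob) {
    const id = randomBytes(16).toString('hex'); // unguessable identifier
    this.items.set(id, blob);
    return id;
  }
  take(id) {
    // Read and delete in one synchronous step; a real datastore needs an
    // atomic get-and-delete so concurrent readers cannot both succeed.
    const blob = this.items.get(id);
    this.items.delete(id);
    return blob;
  }
}

function demo() {
  const store = new BurnAfterReadStore();
  const secret = 'db-password: constructed-sample'; // constructed sample input
  const { key, blob } = encryptSecret(secret);
  const id = store.put(blob);
  const first = decryptSecret(store.take(id), key);
  const second = store.take(id); // already burned
  const bad = Buffer.from(blob, 'base64');
  bad[bad.length - 1] ^= 1; // flip one ciphertext bit
  let tamperRejected = false;
  try { decryptSecret(bad.toString('base64'), key); } catch { tamperRejected = true; }
  const serverSawPlaintext = Buffer.from(blob, 'base64').includes(secret);
  return { first, second, tamperRejected, serverSawPlaintext };
}
```
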

[–] SanctimoniousApe@lemmings.world 15 points 4 days ago (2 children)

Hate to be "that guy," but it's mildly amusing/concerning that both instances of the "crypt.fyi" links in the body text are not secure (i.e. "http" instead of "https").

[–] codectl@lemmy.zip 1 points 3 days ago (1 children)

Looks like the original post on Reddit took 'crypt.fyi' (the name of the tool and also the domain) and converted it to a link with http protocol.

[–] sunzu2@thebrainbin.org 1 points 1 day ago

ain't that sus?

[–] homesweethomeMrL@lemmy.world 4 points 4 days ago

The devil's in the protocols.