encrypted file transfer
send files with a link. encrypted client-side, stored on a relay as ciphertext, downloaded once, then deleted. the key never leaves your machine.
how it works
1
encrypt locally
your file is encrypted in the browser before anything is uploaded. the relay never sees plaintext.
2
share a link
you get a URL with the decryption key in the fragment. the server never receives the key.
3
one download, then gone
the recipient decrypts client-side. the relay deletes the blob after the first download.
cli
$ zend ./report.pdf
encrypting... done.
https://zend.dev/d/a7f3x#k=sQ9...mXw
# recipient
$ zend https://zend.dev/d/a7f3x#k=sQ9...mXw
decrypting... saved to ./report.pdf
properties
encryptionChaCha20-Poly1305 / AES-GCM
key exchangenone — key in URL fragment
relay storageciphertext only, auto-expiry
retentionsingle download or 24h TTL
clientsbrowser, CLI (zig)