Built for things that matter.
SendFast was designed so we can't leak what we never see. Files are encrypted in the browser, ciphertext is stored, the key never leaves you.
AES-256-GCM
Industry-standard authenticated encryption. Keys generated by Web Crypto API in your browser.
Zero-knowledge
We see filenames, sizes, and IVs — never plaintext, never keys. Even with a subpoena we can't decrypt your files.
Key in the URL fragment
The decryption key lives after the # in the share link. Browsers never transmit fragments to servers.
Optional password
Add a password to require a second factor before the recipient can fetch the ciphertext.
Threat model
We assume an adversary that controls our infrastructure: read access to databases, object storage, and logs. Because ciphertext, IV, and metadata are all the server ever sees, an attacker in that position still cannot recover plaintext. The only way to decrypt a transfer is to possess the URL fragment, which never crosses the wire.
Reporting a vulnerability
Found something? Please email [email protected] with details, ideally with a reproduction. We respond within 48 hours and don't pursue good-faith research.
Related
- Privacy policy — what we collect and retain.
- Docs — encryption details for developers.
- Status — current incident state.