collection 01

tool 03  ·  zero-knowledge sharing

envsafe.io

Hand someone a secret without trusting a server to keep it safe. It's encrypted in your browser, and what reaches the server is a blob it can never read.

alpha v0.3.1 crypto core open to audit
type
web + cli, zero-knowledge
for
anyone
crypto
AES-GCM-256, client-side
status
alpha
license
apache-2.0

01 · the problem

Secrets get shared insecurely every day. An API key dropped into Slack, a .env block pasted into a DM, database credentials emailed to a new hire. Once a secret lands in a chat history or an inbox it lives there forever, readable by anyone with access to that account and every integration bolted onto it. Most "secure" sharing tools still see your plaintext on their servers, which means you're trusting their infrastructure, their staff and their breach response with the exact thing you were trying to protect. The honest threat model is simple: if the server can read your secret, so can an attacker who reaches the server.

02 · the handoff

EnvSafe encrypts in the browser before anything leaves your machine. You drop in a secret, set how long it should live and how many times it can be opened. The browser generates a fresh 256-bit key, encrypts with AES-GCM and sends only the ciphertext to the server. The decryption key never touches the wire. It lives in the URL fragment, the part after the # that browsers keep client-side and never include in a request. You share one link. The recipient opens it, the key rides in the fragment, the browser pulls the ciphertext and decrypts locally. After the last view the secret burns: the server deletes the ciphertext and the link goes dead. The server's entire knowledge of your secret is a blob it cannot read.

03 · the cli, in practice

The same trust model, in your terminal. Pipe a secret in, get a self-destructing link out.

Encryption happens locally before the request fires. The CLI is built against the exact same crypto core as the web app, an open-source package, public for anyone to audit, so what runs on your laptop is the same code anyone can read on GitHub. Drop it into a deploy script, hand a teammate a one-time link, rotate a credential without it ever sitting in plaintext in your shell history or a chat log.

Web app and CLI are in progress on the same open-source crypto core, the crypto itself is done and public to audit.

start

Encrypted before it leaves your browser. Gone after it's read.