Confidential drop
Submissions are encrypted locally before transit. The server only receives ciphertext.
Payloads are encrypted in your browser with AES-256-GCM before upload.
AES keys are wrapped with RSA-OAEP (SHA-256). Only the owner can decrypt.
The server stores ciphertext plus minimal metadata. File names and notes stay inside the encrypted payload.
Transport security: TLS in transit. Encryption: AES-256-GCM payload + RSA-OAEP (SHA-256) key wrap.