Confidential drop

Secure Upload

Submissions are encrypted locally before transit. The server only receives ciphertext.

End-to-end encrypted

Payloads are encrypted in your browser with AES-256-GCM before upload.

Key wrapped

AES keys are wrapped with RSA-OAEP (SHA-256). Only the owner can decrypt.

Read-once secrets

Secure notes generate a one-time link with the key in the URL fragment.

Encrypt a message and optional file for delivery.

No file selected

Transport security: TLS in transit. Encryption: AES-256-GCM payload + RSA-OAEP (SHA-256) key wrap.