Zero-knowledge by design

Send files
we can't read

Files are compressed and AES-256 encrypted in your browser before they ever leave it. The decryption key lives in the share URL — never on our servers.

Upload a file See how it works
No account needed Files up to 20 GB Parallel multipart
Drop a file or click to choose
Up to 2 GB · expires in 7 days · Register for 20 GB
Encryption
AES-256
GCM authenticated, native Web Crypto
Compression
gzip
Applied before encryption
Storage
Wasabi
S3-compatible, EU region
Trust required
0
We literally can't decrypt your files
How it works

Three things happen on your device.

Everything else is just opaque ciphertext.

1

Pick a file

Drag and drop, or click to choose. We don't auto-upload until you confirm.

2

Your browser encrypts it

A random 256-bit AES-GCM key is generated client-side. The file is gzipped, split into 8 MB chunks, encrypted, then uploaded to Wasabi in parallel.

3

Share the link

The key lives in the URL fragment after #k=. Browsers never send fragments to servers. Only people you give the link to can decrypt.

Security

Verifiable, not just promised.

Open primitives. Inspect the JavaScript in DevTools — it's all there.

AES-256-GCM authenticated encryption

NIST-recommended, industry standard. Tampering with a single byte of ciphertext makes decryption fail loudly. Each chunk gets a fresh random IV.

Key never leaves your browser

The decryption key sits in the URL fragment — the part after #. Browsers don't transmit fragments. We can't see it, log it, or hand it over.

Native browser crypto

We don't ship our own implementation. Encryption uses your browser's audited, hardware-accelerated Web Crypto API.

Filenames are encrypted too

The filename, MIME type, and plaintext size are encrypted with the same key. Our database stores only opaque base64 ciphertext.

Direct browser → Wasabi uploads

We presign upload URLs, but file bytes never pass through our application server. Less code in the way means fewer chances of leaking.

Auto-expiration

Files self-destruct after their TTL. We run a cleanup job hourly that deletes expired ciphertext from Wasabi and our database.

Server-side, here's literally everything we have on your upload:

✓ Stored
  • Random public_id
  • Random storage_key on Wasabi
  • Ciphertext byte size
  • Expiry timestamp
  • Opaque base64 ciphertext (your filename + MIME)
  • HMAC of upload IP (for rate limiting)
✗ Never seen
  • Filename in plaintext
  • MIME type
  • Original plaintext file size
  • File contents
  • The encryption key
  • Your IP address in plaintext
Plans

Use it anonymously. Register for more.

No payment processor. No subscription. Just two tiers.

Anonymous $0

Free, no sign-up

  • Up to 2 GB per file
  • Files expire in 7 days
  • Parallel multipart uploads
  • Full client-side encryption
  • No dashboard / file history
Recommended
Registered $0

Free, with extras

  • Up to 20 GB per file
  • Files expire in 30 days
  • 3× more parallel uploads
  • Dashboard with file history
  • Optional download limits
Create free account →
Questions

Common questions

If something here isn't clear, send us a message.

Can Zippd see my file?
No. Files are encrypted in your browser with AES-256-GCM before upload. The key is generated client-side and stored only in the URL fragment (after #), which browsers never send to servers. We store ciphertext we can't decrypt.
What if you're served a subpoena?
We can hand over ciphertext. We can't hand over the key — we never had it. We don't store IP addresses in plaintext either, just an HMAC for abuse rate-limiting.
What happens when a file expires?
It's deleted from our Wasabi storage and our database. Anonymous uploads: 7 days. Registered: 30 days. Cleanup runs every hour.
How big can files be?
Anonymous: up to 2 GB. Registered: up to 20 GB. Files split into 8 MB chunks, uploaded in parallel direct to Wasabi.
What if I lose the share URL?
There's no recovery. The decryption key only existed in your URL — we never saw it. That's the design. Save the link somewhere safe.
Does the recipient need an account?
No. The share URL works for anyone with the link. Decryption happens in their browser when they click "Download".
Can I audit the code?
The crypto runs in plain JavaScript that your browser downloads. Open DevTools → Sources → look at crypto-*.js under /build/assets/. Nothing is obfuscated.