How I built zero-knowledge file sharing where the server is literally blind to your files
Most file-sharing tools work like this: you upload a file, it sits on their server in a format they can read, and you share a link. The company has your file. Their employees, their compliance team, their government requests — they all have access to your content. I wanted to build something different. I wanted a file-sharing tool where — technically, provably — the server has zero ability to read what you've sent. That's FileShot.io . The core idea: encrypt before upload, key stays in the URL fragment The way it works: You pick a file in your browser The browser generates a random AES-256-GCM key The file is encrypted locally using the Web Crypto API The encrypted blob is uploaded to the server The key is appended to the URL fragment ( #key=... ) That last point is the critical one. The URL fragment — the part after # — is never sent to the server in HTTP requests. It lives only in the recipient's browser. When someone opens the share link, their browser: Reads the key from the fragme
Continue reading on Dev.to Webdev
Opens in a new tab
