Your secret is encrypted by your browser prior to be sent to the server. It does it using the AES-GCM-256 algorithm. The browser generate a new key for each new secret submitted. It split it in half and send only one half to the server.
The server will store the encrypted secret alongside the partial key and the amount of view the secret can be viewed.
Once the client receive the confirmation from the server that the secret has properly being stored. It shares the link, appending it with the secret part that is not sent to the server.
A secret can only be retrieved and viewed if the link to access it contain that second part of the key that was not sent to the server. Only you, who created the secret, can share this unique link to your recipient.
My name is Elouan GOUINGUENET. I'm a French software engineer now living in North america. I've been building all sort of application for the past few years using many programming languages and frameworks.
I always like cryptography and wanted to explore it to have a better understanding of it, so I build this webapp. I also was never really sure what the back-end of similar app were doing with the data sent, so I build my own!