Encrypted Notes
Share private messages that self-destruct after reading. Encrypted in your browser before anything touches our server. We never see your content.
Note Created
Share this link. The recipient will be able to decrypt and read the note.
Important
The encryption key is in the link (after the # symbol). Without it, nobody — including us — can read the note.
This note will be destroyed after the first view.
Expires:
Decrypting note...
Note Unavailable
AES-256-GCM encryption. Key stays in the URL fragment and never reaches our server.
How It Works
You Write
Type or paste your private content. A random encryption key is generated in your browser.
We Store the Ciphertext
Your note is encrypted with AES-256-GCM before it leaves your browser. Only the encrypted blob reaches our server. We never see the key.
They Decrypt
The recipient opens your link. The key in the URL fragment decrypts the note in their browser. Optionally, the note self-destructs.
Why is the key in the URL?
The part after the # in a URL (the fragment) is never sent to the server. Your browser keeps it locally. This means the encryption key physically cannot reach us, even if our server were compromised. This is the same approach used by PrivateBin and other zero-knowledge services.
What can we see?
We store the encrypted ciphertext, the initialisation vector (needed for decryption but useless without the key), and metadata (when the note expires, whether it self-destructs). We cannot read the note content. We do not log IP addresses of viewers.
Burn after reading
If you enable this, the note is permanently deleted from our server after the first person opens it. There is no second chance, no recovery, no undo. The ciphertext is gone.
Encrypt your connection too
Encrypted notes protect the content. A VPN protects the connection. Use both for complete privacy.
Explore PremierVPN