Why not use a one-time secret service?

Those rely on the sender managing a reveal link and disposal. snippetsafe removes that by making the recipient provision a cryptographic inbox.

How snippetsafe Works

Q: Do you ever see my messages?

No. Only encrypted blobs are stored; decryption happens client-side.

Q: Can I recover messages if I clear my browser?

No. Private keys are not escrowed; clearing them makes ciphertext permanently unreadable.

snippetsafe inverts traditional “paste a secret, get a link” workflows. Instead of trusting a sender to handle your sensitive data correctly, you (the recipient) create a cryptographic inbox and invite others to push encrypted messages into it. Only your browser can decrypt them.

High-Level Flow

You generate a keypair locally. Private key stays in browser storage; it never leaves your device.
You share a public link (contains an identifier + your public key or a reference).
Sender loads a minimal page that uses your public key to encrypt their message entirely client-side.
Encrypted payload (ciphertext) is sent to the server; no plaintext ever touches our infrastructure.
Your inbox fetches ciphertext and decrypts locally with your private key when you view messages.

Why This Is Different

Recipient-first trust model: You originate the secure channel.
No secret-bearing reveal link: There is never a decryption token traveling through email or chat.
Fewer exposure points: Plaintext is never staged server-side.
Reusable inbound link: Collect multiple secrets securely without creating dozens of expiring URLs.
Local key custody: Clearing browser storage automatically renders stored ciphertext undecryptable (privacy by design).

Threat Model Snapshot

Vector	Impact	Mitigation
Server compromise	Access to ciphertext only	Keys never stored server-side
Intercepted share link	Public key + ID only	No decryption possible
Lost local storage	Lose ability to decrypt	By design (no escrow)
Malicious sender	Can send spam ciphertext	Future: rate limiting / blocklist

FAQ

Do you ever see my messages?

No. We only store opaque ciphertext plus minimal routing metadata.

Can I recover messages if I clear my browser?

No—your private key is gone, and we cannot help decrypt. Consider exporting keys (future feature) if long-term retention matters.

Why not just use a one-time secret service?

Those rely on the sender to correctly handle and destroy a reveal link. snippetsafe removes that responsibility—senders just type and submit.

Next Steps

Generate your secure inbox on the homepage.
Share the link with someone who needs to send credentials or private notes.
Open your inbox to decrypt messages locally.

Future Enhancements

Key export / rotation
Sender authenticity indicators
Optional passphrase layer
Message shredding confirmations