One-time secret sharing is a great idea. But most implementations leave a critical gap: your secret exists in plaintext on the provider's server, even briefly. CipherOnce closes that gap entirely through true zero-knowledge architecture.
Services like OneTimeSecret popularized the concept of ephemeral sharing — send a secret, it's gone after viewing. For its time, this was a significant improvement over email. But it has a fundamental architectural limitation that many users don't realize.
In most traditional implementations, you submit your plaintext to the service. The service then encrypts it — server-side, using a key the service controls. This means there is a window, however brief, where your unencrypted secret exists on someone else's infrastructure. And the encryption key is held by the provider.
Server-side encryption with provider-held keys is not zero-knowledge. It is trust-based security.
Browser-first encryption: Your secret is encrypted in your browser before submission. Our server receives only ciphertext — never plaintext, not even transiently.
Keys we never see: The AES-256 decryption key is embedded in the URL fragment (#). Browsers never transmit URL fragments to servers. We are structurally unable to access your key.
Verifiable open source: You don't have to trust our claims. Our encryption logic is open source — read it, audit it, fork it. Zero-knowledge by code, not by promise.
Breach-proof architecture: If our servers were compromised, attackers would find encrypted blobs without the keys needed to decrypt them. The data is useless without the URL.
No account required: Anonymous use is a first-class feature, not an afterthought. Sharing secrets should never require your identity.
