Skip to content

badsectordev/supersecret

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
public
public
 
 
src
src
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
wrangler.toml
wrangler.toml
 
 

Repository files navigation

SuperSecret

A secure, self-destructing message service built on Cloudflare Workers. Share sensitive information with one-time viewable links that expire after 24 hours.

Features

  • End-to-end encryption using AES-GCM
  • One-time viewing (messages self-destruct after being read)
  • 24-hour automatic expiration
  • Zero server-side key storage
  • Hybrid key system (master key + per-message key)

Deployment

  1. Install Wrangler CLI:
npm install -g wrangler
  1. Create KV namespace:
wrangler kv:namespace create SUPER_SECRETS
  1. Update wrangler.toml with your KV namespace ID:
name = "supersecret"
main = "src/worker.js"
compatibility_date = "2024-01-01"


[[kv_namespaces]]
binding = "SUPER_SECRETS"
id = "your-kv-namespace-id"
  1. Set your master key:
wrangler secret put MASTER_KEY
  1. Deploy:
wrangler deploy

Security

  • Messages are encrypted using AES-GCM with a hybrid key system
  • Master key never leaves the server
  • Dynamic key per message passed via URL fragment
  • Keys are derived using HKDF
  • All secrets expire after 24 hours
  • Messages are deleted immediately after viewing

Development

# Run locally
wrangler dev

# Test
wrangler dev --test

# Deploy
wrangler deploy

License

MIT

About

One time read, self destructing secret sharing with CloudFlare workers

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages