Can the server read my note?
No. Only ciphertext, IV, and metadata (expiry, burn flag, syntax hint, encryption mode) are stored. Decryption happens in your browser.
Help
Frequently asked questions
Short answers about encryption, links, and account features. For architecture and threat boundaries, see the full How it works guide.
What if I lose the URL key fragment?
For legacy links, the decryption material is in the hash. If you lose it and have no vault recovery, the note cannot be decrypted. Public-key notes do not put the key in the URL; you need the recipient’s private keys on a device.
Can I create one-time links?
Yes. Enable burn-after-read when creating a note. After the first successful read, the paste record is removed.
Do links expire?
You can choose never (signed-in only where allowed), 1 day, 7 days, or 30 days. After expiry the ciphertext is no longer available.
What is public-key mode?
It encrypts a random session key to the recipient’s RSA public key and signs the payload with your local ECDSA key. The share URL has no fragment key. See Public-key encryption in How it works.
How does email sharing work?
When signed in, you can send the share URL by email from the success screen. It uses the configured mail provider, is rate-limited, and the message contains the full link. Read Email sharing for details and cautions.
What is cross-device recovery?
Signed-in users can encrypt the legacy link fragment with a vault password so it can be stored with your account and unlocked on another device. Public-key notes do not use this path.