this is an encrypted pastebin thing

secrets are generated client side and never leave the client, unless you share the url with the secret in the hash.

how it basically works

you type something in, and when you save it, it generates a random secret, it uses it to encrypt the text, the title, and the highlight mode using aes. then the secret is hashed and those four things are sent to the server. the server validates it and saves it, then the secret is set as the url hash (the in # in the url). the secret is part of the url, so you can share it, but the hash is never sent to the server, and so the server never gets the secret, and can never decrypt the data.

when you click on a link with the secret, the page hashes the secret, and uses it to ask the server for the right data, then the page decrypts the data locally using the secret.

links to other stuff

personal site:

what i used to make this

text/code editor: ace
icons: font awesome
encryption and hashing: native js crypto.subtle

php code

save.php load.php