Zero Link — anonymous encrypted file, code, and text sharing
Built for people who want anonymity when sharing information. Encrypt files, code or plain text in your browser. Download links and files are wiped every 24hrs.
Drop files or browseImages and PDFs are scrubbed of metadata before encrypt. Multiple files are zipped first. Up to 5GB total.
Link expires in 24 hours · burn on the clock
No cookies, accounts, or tracking
AES-256-GCM encryption before upload
Decryption key only in the URL fragment
Image EXIF and PDF metadata stripped
24-character random link · 24-hour life
How it works
You choose what to share. Your browser encrypts it. We store only ciphertext under a random ID. The key travels in the #fragment of the link — browsers never send fragments to servers.
01
Compose
Paste code, write text, or drop files. Images and PDFs lose identifying metadata first.
02
Encrypt
A fresh AES-256 key seals the payload in your browser. We never see plaintext.
03
Vanish
Send the link. After 24 hours the blob is wiped — permanently.
Built for privacy
Zero Link was made for journalists, sources, and people who need to share information without leaving a trail. No login. No cookies. No access logs or User-Agent data tied to shares. The server holds encrypted blobs and expiry timestamps only. When the clock runs out, the files are deleted.
Abuse prevention without keeping your data
We still need to stop spam and disk flooding. The controls below are designed to do that without building profiles or attaching identity to what you share.
Encrypt first
Your browser seals files, code, and messages before upload. We store ciphertext — not readable content — so abuse checks never need to inspect what you shared.
Keys stay off the server
The decryption key lives in the link’s #fragment. Browsers do not send that part to us, so limiting uploads does not give us a way to open your shares.
Short retention
File and code shares wipe after 24 hours; secure contact pages after 5 days. Even a flooded disk clears itself on a short clock.
Size and rate caps
Uploads are capped (up to 5 GB). New shares are rate-limited per network to block mass spam. Those counters stay in memory only — not written into share records or access logs.
No accounts, no tracking
There is nothing to sign into and no analytics cookies. We do not score visitors or keep a history of who shared what.
What we never attach to a share
Shares are random IDs plus ciphertext and an expiry time. We do not store your IP, email, or device info on the encrypted object itself.
Verify privacy
Don't take our word for it — check in your browser. Encryption, cookies, and network requests you can inspect yourself.
01
No cookies
Open DevTools → Application → Cookies. This site should list none. We never set cookies or tracking IDs.
02
Key stays in #fragment
After you create a link, look at the address. Everything after # is the decryption key. Open DevTools → Network and confirm requests do not include that fragment — browsers never send it to servers.
03
Uploads are ciphertext
Share a small test file while Network is open. The upload body is encrypted binary, not readable PDF or text. Plaintext never leaves your browser.
04
No third-party trackers
In the Network panel, filter by domain. You should only see this site — no analytics, ads, or social pixels. The source is also on GitHub for review.
Tip: press F12 (or Ctrl+Shift+I / Cmd+Option+I) to open DevTools, then use the Application and Network tabs above.
Secure Contact
To protect your privacy we communicate using an encrypted key just like sharing files. This key gives you access to a temporary secure page. Check the page often for a response to your message from the creator. The link and page are deleted after 5 days.