Skip to content

Add FileShot.io — a practical example of zero-knowledge browser-side AES-256-GCM encryption #715

Description

@FileShot

Suggest: FileShot.io

I would like to suggest FileShot.io as a concrete, real-world reference implementation for the zero-knowledge encryption design pattern.

Why every programmer should know this pattern

Browser-side client-side encryption before upload is an increasingly important pattern for privacy-respecting applications. FileShot.io implements it cleanly:

  • AES-256-GCM via Web Crypto API — the modern, hardware-accelerated browser encryption standard
  • Key-as-URL-fragment — decryption key is encoded in the URL # fragment, which browsers never send to servers — a precise use of HTTP/browser behavior for out-of-band key distribution
  • Zero-knowledge server — server stores only opaque ciphertext; provably cannot decrypt files
  • No server-side state for auth — no accounts, no session tokens, no user tracking

Practical value

Every programmer building applications that handle sensitive user data should understand this pattern. FileShot.io is:

Could fit alongside other security/cryptography references in this list.

Thank you!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions