GhostPaste is a privacy-focused code sharing platform that ensures your code snippets remain completely private through client-side encryption. Unlike traditional code sharing services, our servers never have access to your plaintext content - everything is encrypted in your browser before being uploaded.
- π Zero-Knowledge Encryption - Your code is encrypted locally using AES-GCM before leaving your browser
- π€ No Account Required - Share code instantly without signing up
- βοΈ Password-Protected Editing - Set a password to allow editing your snippets later
- π Multi-File Support - Share multiple files in a single gist
- π¨ Syntax Highlighting - Beautiful code display with CodeMirror 6
- π One-Click Copy - Copy code or share links instantly
- π Dark/Light Mode - Easy on the eyes, day or night
- β¨οΈ Keyboard Shortcuts - Power user friendly with full keyboard support
- π± Responsive Design - Works perfectly on all devices
- π Global Edge Deployment - Fast access from anywhere in the world
- β±οΈ Self-Expiring Content - Set snippets to auto-delete after a specified time
- ποΈ One-Time View - Create snippets that disappear after being viewed once
- π Version History - Track changes with automatic versioning (storage ready)
- βοΈ Edit Existing Gists - Edit your gists with password protection
- π Advanced Search - Search within your gists and filter by language
- Visit ghostpaste.dev
- Paste or write your code
- Add multiple files if needed (click "Add File")
- Set an optional password for editing
- Click "Create Gist" and share the generated link
Simply open the shared link - the decryption key is in the URL fragment (#key=...) and never sent to our servers.
Cmd/Ctrl + Enter- Add new file (in editor)Cmd/Ctrl + Enter- Create gist (on create page)Cmd/Ctrl + ?- Show all shortcutsEscape- Close dialogs
- Client-Side Encryption: All encryption/decryption happens in your browser using the Web Crypto API
- Zero-Knowledge: Servers only store encrypted blobs - we can't read your content even if we wanted to
- No Tracking: No analytics, no cookies, no user tracking
- Bot Protection: Optional Cloudflare Turnstile integration for spam prevention
- Open Source: Verify our security claims by reviewing the code
- Framework: Next.js 15 with React 19
- Runtime: Cloudflare Workers (Edge)
- UI Components: shadcn/ui with Radix UI
- Code Editor: CodeMirror 6
- Encryption: Web Crypto API (AES-GCM)
- Storage: Cloudflare R2 with versioning
- Styling: Tailwind CSS with CSS variables
- Testing: Vitest with React Testing Library
| Resource | Limit | Why? |
|---|---|---|
| File size | 500 KB | Covers 99% of code files |
| Total size | 5 MB | Enough for ~10-20 typical files |
| Files per gist | 20 | Keeps the UI responsive |
| Versions kept | 50 | Balances history with storage |
ghostpaste/
βββ app/ # Next.js app router
β βββ api/ # API routes
β βββ create/ # Gist creation page
β βββ g/[id]/ # Gist viewing page
β βββ demo/ # Component demos
βββ components/ # React components
β βββ ui/ # Reusable UI components
β βββ *.tsx # Feature components
βββ lib/ # Core utilities
β βββ storage.ts # R2 storage client
β βββ crypto.ts # Encryption utilities
β βββ binary.ts # Binary encoding
β βββ ... # Other utilities
βββ types/ # TypeScript types
βββ docs/ # Documentation
βββ public/ # Static assets
- Node.js 20+
- npm or yarn
- Git
# Clone the repository
git clone https://github.com/nullcoder/ghostpaste.git
cd ghostpaste
# Install dependencies
npm install
# Start development server
npm run dev # Next.js development (hot reload)
# OR
npm run preview # Full Cloudflare Workers simulationSee our Local Development Guide for detailed setup instructions.
Create a wrangler.toml file:
name = "ghostpaste"
compatibility_date = "2024-12-01"
[[r2_buckets]]
binding = "GHOSTPASTE_BUCKET"
bucket_name = "ghostpaste-bucket"
[vars]
NEXT_PUBLIC_APP_URL = "https://ghostpaste.dev"For environment variables:
Build-time variables (.env or .env.production):
# Only NEXT_PUBLIC_* variables - these are embedded in the client bundle
NEXT_PUBLIC_TURNSTILE_SITE_KEY=your_public_site_keyRuntime secrets (.dev.vars for local, wrangler secret put for production):
# Never put these in .env files!
TURNSTILE_SECRET_KEY=your_secret_key.env or .env.production files as they become part of the client bundle!
# Build for Cloudflare Workers
npm run build
# Deploy to production
npm run deployGhostPaste is actively being developed. Here's what's completed and what's in progress:
- Core Infrastructure: Encryption/decryption system, binary format, authentication
- UI Components: 100% of components complete (19/19) with comprehensive testing
- API Implementation: Complete CRUD operations for gists and blobs
- Create Gist Flow: Full end-to-end gist creation with encryption and sharing
- View Gist Flow: Complete gist viewing with decryption and syntax highlighting
- Multi-file Support: Add, remove, and manage up to 20 files per gist
- Security Features: Password protection, expiry settings, one-time view
- Modern UI: Responsive design, dark/light mode, keyboard shortcuts
- Developer Experience: Comprehensive documentation, testing, and tooling
- Gist Editing: Edit existing gists with password validation
- File Management: Enhanced file operations and reordering
- Performance: Loading states and error handling improvements
- Version History: View and restore previous versions
- Advanced Features: Search, themes, keyboard navigation
- Polish: Animations, PWA support, print/export
- Technical Specification - Detailed architecture and implementation details
- Encryption Architecture - In-depth encryption documentation
- Security Best Practices - Security guidelines for developers and users
- AI Development Guide - Guidelines for AI-assisted development
- Implementation TODO - Development roadmap and progress tracking
- Contributing Guide - How to contribute to the project
- Local Development - Setting up your development environment
- Phase Tracking - Current development phase status
We welcome contributions! Please see our Contributing Guidelines for detailed information on how to contribute to this project.
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'feat: add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with Next.js
- UI components from shadcn/ui
- Code editing powered by CodeMirror
- Hosted on Cloudflare
GhostPaste is a testament to the power of AI-assisted development. This entire project was built through a collaborative dialogue between human creativity and Claude's technical expertise. From architecture decisions to implementation details, every line of code emerged from thoughtful conversation.
What started as an idea for a privacy-focused code sharing platform evolved through hundreds of interactions with Claude Code. Together, we:
- Architected a zero-knowledge encryption system that keeps data private
- Designed a clean, intuitive UI using modern React patterns
- Implemented edge-compatible code for global performance
- Solved complex challenges like versioning and binary encoding
- Refined the user experience through iterative improvements
This project demonstrates that AI can be more than just a coding assistant - it can be a true development partner that helps bring ideas to life while maintaining high standards for security, performance, and user experience.
- 100% AI-Paired Development: Every component built through human-AI collaboration
- Production-Ready Code: Comprehensive testing, error handling, and documentation
- Security-First Design: Encryption implementation guided by best practices
- Modern Architecture: Leveraging cutting-edge web technologies
A collaborative creation
Built through the synergy of human vision and AI capability
Powered by Claude Code + Human Creativity
Visit GhostPaste β’ Report Bug β’ Request Feature
Share code. Keep secrets. Stay ghosted. π»