- Zero-Knowledge Encrypted Code Sharing -
-- Share code snippets securely with client-side encryption. Your code, - your privacy. -
-
- Current theme:{" "}
-
+ Zero-knowledge encrypted code sharing. Your code is encrypted in
+ your browser. We can't see it. Nobody can.
+
+ No signup required • Always free • Open source
+
+ Only you have the key. We literally can't decrypt it.
+
+ Your encryption key stays in the URL fragment (after #) - it never
+ reaches our servers
+
+ AES-256-GCM encryption happens in your browser
+
+ Start sharing instantly. No email, no tracking
+
+ One-time views & auto-expiry keep secrets safe
+
+ Edge-powered by Cloudflare Workers
+
+ Drop in your code, config files, or any text. Support for
+ multiple files, syntax highlighting, and all major
+ programming languages.
+
+ Your code is encrypted instantly. You get a link with the
+ decryption key embedded in the fragment - we never see it.
+
+ Send the link to anyone. They can view and decrypt locally.
+ Set expiry times or one-time viewing for extra security.
+
+ Every line of code is public. Audit our encryption, run your
+ own instance, contribute improvements.
+
+ Human-AI collaboration at its finest. Even our AI assistant
+ can't decrypt your pastes.
+
+ We can't read your code, sell your data, or comply with
+ decryption requests. Math protects you.
+
+ Join thousands of developers who trust GhostPaste for private code
+ sharing.
- Click the theme toggle button in the navigation bar to switch
- between light and dark modes.
+
+
+ No signup • Free forever • Your code stays yours
- system/light/dark
-
+ <>
+ {/* Hero Section */}
+
+ Share Code.{" "}
+
+ Keep Secrets.
+
+
+
+ {/* Subheading */}
+
+ See the Magic Happen
+
+
+ You paste your code
+
+
+ {`function secret() {\n return "Hello World";\n}`}
+ Browser encrypts it
+
+
+ {`7A3B9F2E8C4D6A1B5F9E
+2D4C8B7A3F6E1D5C9B8A
+4F7E2C1B9D6A3E8F5C2B`}
+ We store gibberish
+
+ Built for Developers, by Developers (and AI)
+
+
+ Client-Side Encryption
+ No Account Needed
+ Self-Destructing
+ Lightning Fast
+
+ Three Steps to Secure Sharing
+
+
+ Paste Your Code
+
+ Get Your Secure Link
+
+
+ Share with Confidence
+
+
+ Why Developers Trust GhostPaste
+
+
+ Open Source
+ Built with Claude Code
+ Zero Knowledge
+
+ Ready to Share Code Securely?
+
+
R2 Bucket Test
-+ Privacy Policy +
++ Last updated: January 6, 2025 +
++ Privacy First, Always +
++ This Privacy Policy describes how GhostPaste ("we", + "us", or "our") handles information when + you use our service. We are committed to protecting your + privacy through zero-knowledge encryption and minimal data + collection practices. +
+The Short Version 🛡️
++ We can't see your code. We don't track you. We + don't sell data. Your pastes are encrypted before + they reach us. Privacy isn't just a feature - + it's our foundation. +
++ 1. Information We DON'T Collect +
+Thanks to our zero-knowledge architecture:
+-
+
- We cannot see your unencrypted code or content +
- We do not track individual users +
- We do not use analytics or tracking cookies +
- + We do not collect email addresses or personal information + +
- We do not have user accounts or profiles +
- We do not log IP addresses for tracking +
- We cannot access your encryption keys +
+ We're Privacy Blind 🙈 +
++ Imagine we're wearing a blindfold - we literally + can't see your code because it's encrypted + before it reaches us. No tracking, no profiling, no creepy + stuff. +
+2. What We Store
+We only store:
+-
+
- + Encrypted blobs: Your code, encrypted + client-side + +
- + Metadata: Creation time, expiry time, + file count + +
- + Hashed PINs: If you set a password (we + can't reverse it) + +
- + Random IDs: To identify your pastes + +
+ All encryption happens in your browser. We never receive or + store plaintext content or encryption keys. +
++ Just Encrypted Gibberish 🔐 +
++ Our database looks like random nonsense because everything + is encrypted. Even if someone hacked us (please + don't!), they'd just get encrypted blobs they + can't read. +
++ 3. How Our Encryption Works +
+Your privacy is protected by:
+-
+
- + Client-side encryption: AES-256-GCM in + your browser + +
- + Key generation: Unique key for each paste + +
- + URL fragments: Keys in # part (never sent + to server) + +
- + Zero-knowledge: We can't decrypt + even if asked + +
- + Open source: Verify our code yourself + +
+ Fort Knox for Code 🏰 +
++ Your code gets locked in a digital safe before leaving + your computer. The key? Only you have it. We just store + the locked safe. Military-grade encryption, zero access. +
++ 4. Server Logs & Infrastructure +
+For service operation and security:
+-
+
- Cloudflare may log requests for DDoS protection +
- + Temporary error logs for debugging (no personal data) + +
- No long-term IP address storage +
- No user behavior tracking +
- Logs are automatically purged +
+ Basic Operations Only 🔧 +
++ Cloudflare helps protect against attacks and keeps things + fast. They might see you visited, but not what you shared. + We keep logs minimal and delete them quickly. +
++ 5. Cookies & Local Storage +
+We use minimal browser storage:
+-
+
- + Theme preference: Light/dark mode choice + +
- + No tracking cookies: Zero, zilch, nada + +
- + No third-party cookies: Just us here + +
- + No analytics: We don't need to know + +
+ Cookie Diet 🍪 +
++ We're on a strict cookie diet - only the essential + one to remember if you like dark mode. No tracking + cookies, no ads, no nonsense. +
++ 6. Data Sharing & Third Parties +
+We share your data with:
+-
+
- + Nobody: We don't sell data + +
- + No one: We don't trade data + +
- + Zero third parties: Your data stays with + us + +
- + Not even governments: We can't + decrypt it anyway + +
+ Exception: Cloudflare provides our infrastructure, but they + only see encrypted data. +
++ Your Data = Fort Knox 🏦 +
++ We don't have a business model based on your data. We + can't sell what we can't see. Even if the FBI + asked nicely, we couldn't help - we don't have + the keys! +
++ 7. Data Retention & Deletion +
+Your data is automatically deleted:
+-
+
- After your set expiry time (1 hour to 30 days) +
- Immediately for one-time view pastes +
- When you manually delete with your PIN +
- Default retention: 30 days maximum +
+ Deleted means deleted - we don't keep backups of user + content. +
++ Auto-Cleanup Crew 🧹 +
++ Your pastes self-destruct based on your settings. One-time + views? Gone after viewing. Set an expiry? Poof, it's + gone. We're not a permanent storage service. +
+8. Your Rights
+You have the right to:
+-
+
- Use the service anonymously +
- Delete your content anytime (with PIN) +
- Not be tracked or profiled +
- Review our open-source code +
- Run your own instance +
+ You're in Control 🎮 +
++ No accounts, no tracking, no BS. Use it, delete it, + inspect the code, or run your own. Your data, your rules. + We're just here to help you share code safely. +
++ 9. Policy Updates +
++ We may update this policy to reflect changes in our + practices or for legal reasons. Updates will be posted here + with a new "Last updated" date. Significant + changes will be highlighted. +
++ Keeping You Posted 📬 +
++ If we change something important, we'll update the + date. But honestly, our core promise won't change: we + can't see your stuff, and we like it that way. +
+10. Contact Us
+Questions about privacy? Reach out:
+-
+
- + GitHub Issues:{" "} + + Ask a Question + + +
- + Source Code:{" "} + + Verify Our Claims + + +
+ Privacy Questions? 🤔 +
++ We're transparent about everything. Check our code, + ask questions, suggest improvements. Privacy is a + community effort. Built with 👻 and 🤖. +
+Privacy by Design
++ Not just a policy, but a promise. Your code stays yours, always. +
++ Security Architecture +
++ A technical deep dive into how GhostPaste keeps your code private +
+
+
+
+ + GhostPaste implements true zero-knowledge encryption. This means + we have zero ability to access your plaintext data, zero + knowledge of your encryption keys, and zero way to comply with + requests to decrypt your data. +
+
+
+ -
+
-
+
+ Your original code and files +
+ -
+
+ The encryption/decryption key +
+ -
+
+ When and how to share +
+ -
+
+ Complete control over your data +
+
+
+ -
+
-
+
+ Your unencrypted code +
+ -
+
+ Your encryption keys +
+ -
+
+ What your paste contains +
+ -
+
+ Who you share with +
+
+
+
+ Encryption Flow
+Key Generation
+
+ A cryptographically secure random 256-bit key is
+ generated using{" "}
+
+ crypto.getRandomValues()
+
+
Client-Side Encryption
++ Your data is encrypted using AES-256-GCM with a unique + IV for each encryption +
+Binary Format
++ Encrypted data is packed into a custom binary format + with metadata +
+Server Storage
++ Only the encrypted blob is sent to and stored on our + servers +
+Key in URL Fragment
++ The encryption key is placed in the URL fragment (after + #) which never reaches any server +
+
+
+ -
+
- Encryption Algorithm +
- + AES-256-GCM (Galois/Counter Mode) + +
- Key Size +
- + 256 bits (32 bytes) + +
- IV Size +
- + 96 bits (12 bytes) - unique per encryption + +
- Auth Tag Size +
- + 128 bits (16 bytes) + +
- PBKDF2 for PINs +
- + SHA-256, 100,000 iterations + +
+
+ -
+
- Hosting +
- + Cloudflare Workers (Edge Computing) + +
- Storage +
- + Cloudflare R2 (S3-compatible) + +
- Transport +
- + TLS 1.3+ enforced + +
- DDoS Protection +
- + Cloudflare automatic protection + +
- Data Residency +
- + Global edge locations + +
+
+
+ End-to-End Encryption
++ Data is encrypted before leaving your browser and decrypted + only in the recipient's browser +
+Forward Secrecy
++ Each paste uses a unique encryption key that's never + reused +
+Authenticated Encryption
++ GCM mode ensures data integrity and authenticity +
+
+
+
+ + What We Protect Against +
+
+
+
+
+
+
+
+ Limitations +
+
+
+
+
+
+
+
+ + Don't just take our word for it. GhostPaste is fully open + source, allowing you to: +
+Audit the Code
+-
+
- • Review our encryption implementation +
- • Verify no backdoors or data collection +
- • Check for security vulnerabilities +
- • Ensure keys stay client-side +
Run Your Own Instance
+-
+
- • Deploy to your own infrastructure +
- • Control your data completely +
- • Customize for your needs +
- • Perfect for sensitive environments +
+
+ + Found a security vulnerability? We appreciate responsible + disclosure. +
++ Please review our security policy for responsible disclosure + guidelines: +
+ ++ We'll acknowledge your report within 48 hours and work + with you to understand and resolve the issue quickly. +
++ Security Through Transparency +
++ Our code is open, our encryption is proven, and your data remains + yours. +
++ Terms of Service +
++ Last updated: January 6, 2025 +
++ Legal Introduction +
++ These Terms of Service ("Terms") govern your use of + GhostPaste ("Service"), operated by GhostPaste + ("we", "us", or "our"). By + accessing or using our Service, you agree to be bound by these + Terms. If you disagree with any part of these terms, you may + not access the Service. +
+Welcome! 👋
++ By using GhostPaste, you're agreeing to these terms. + Don't worry - we've kept them simple and fair. + The green boxes explain what each section really means. +
++ 1. Acceptable Use Policy +
+You may not use our Service to:
+-
+
- Violate any applicable laws or regulations +
- + Transmit any material that is unlawful, offensive, + defamatory, or otherwise objectionable + +
- + Infringe upon any third party's intellectual property + rights + +
- Transmit any malware, viruses, or malicious code +
- + Attempt to gain unauthorized access to any portion of the + Service + +
- Harass, abuse, or harm another person or group +
- + Use the Service for any illegal or unauthorized purpose + +
+ Be Nice & Legal +
++ Use GhostPaste for good! Share code, not malware. Respect + others' work. Keep it legal. We're a tool for + developers, not hackers. +
++ 2. Privacy and Data Protection +
+We implement zero-knowledge encryption, meaning:
+-
+
- All encryption happens in your browser +
- We never have access to your encryption keys +
- We cannot decrypt or view your content +
- We store only encrypted data on our servers +
- + We do not track users or collect personal information + +
- We do not use cookies for tracking purposes +
+ For more details, see our{" "} + + Privacy Policy + + . +
++ Your Secrets Are Safe +
++ We literally can't see your code - it's + encrypted before it leaves your computer. We're like + a safety deposit box: we store your stuff, but only you + have the key. 🔐 +
++ 3. Content Ownership +
++ You retain all rights to the content you upload to + GhostPaste. By using our Service: +
+-
+
- + You represent that you own or have the right to share the + content + +
- + You grant us a limited license to store your encrypted + content + +
- + This license is solely for the purpose of operating the + Service + +
- You may delete your content at any time +
- + We claim no intellectual property rights over your content + +
+ Your Code, Your Rights +
++ Your code is yours, period. We just hold onto the + encrypted version for you. You can delete it anytime. We + don't claim any ownership - we're just the + messenger! +
++ 4. Service Availability +
+While we strive for 100% uptime:
+-
+
- + The Service is provided "as is" and "as + available" + +
- + We do not guarantee uninterrupted or error-free service + +
- + We may perform maintenance that temporarily affects + availability + +
- + We reserve the right to modify or discontinue features + +
- + We are not responsible for any data loss due to your lost + encryption keys + +
+ We're Human (and AI) Too +
++ We'll do our best to keep things running smoothly, + but sometimes servers hiccup. Always keep backups of + important code. And remember - if you lose your key, we + can't help! 🗝️ +
++ 5. Limitations of Liability +
++ TO THE MAXIMUM EXTENT PERMITTED BY LAW, GHOSTPASTE SHALL NOT + BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, + CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING WITHOUT + LIMITATION, LOSS OF PROFITS, DATA, USE, OR GOODWILL. +
++ Our total liability shall not exceed the amount you have + paid us in the past twelve months (which, for free users, is + zero). +
++ Use at Your Own Risk +
++ GhostPaste is a free service. We're not responsible + if something goes wrong. Don't store your only copy + of important code here. It's a sharing tool, not a + backup service! +
+6. Termination
++ We may terminate or suspend access to our Service + immediately, without prior notice or liability, for any + reason whatsoever, including: +
+-
+
- Breach of these Terms +
- Request by law enforcement or government agencies +
- Discontinuation of the Service +
- Technical or security issues +
+ Play Nice or Goodbye +
++ If you abuse the service or break the rules, we can block + you. But honestly, if you're just sharing code + normally, you have nothing to worry about! +
++ 7. Changes to Terms +
++ We reserve the right to modify these Terms at any time. If + we make material changes, we will notify users by updating + the "Last updated" date. Your continued use of the + Service after changes constitutes acceptance of the new + Terms. +
++ Terms Can Change +
++ We might update these terms occasionally. We'll + change the date at the top when we do. Keep using + GhostPaste = you're okay with the updates. +
+8. Governing Law
++ These Terms shall be governed by and construed in accordance + with the laws of the jurisdiction in which GhostPaste + operates, without regard to its conflict of law provisions. + Any disputes arising from these Terms shall be resolved + through binding arbitration. +
++ Legal Stuff +
++ If we ever disagree (hopefully not!), we'll handle it + through arbitration. It's faster and less formal than + court. Let's keep things friendly! 🤝 +
++ 9. Contact Information +
++ If you have any questions about these Terms, please contact + us at: +
+-
+
- + GitHub Issues:{" "} + + Report an Issue + + +
- + Source Code:{" "} + + View on GitHub + + +
+ Questions? We're Here! +
++ Got questions? Found a bug? Want to say hi? Open an issue + on GitHub - we're friendly and we actually respond! + Built with ❤️ and 🤖 by humans and Claude. +
+Ready to Start?
++ By using GhostPaste, you agree to these terms. We think + they're pretty fair - what do you think? +
+