
🔥 SecureBurn

An ultra-minimalist, zero-dependency Node.js "PrivateBin" clone. It allows users to share encrypted secrets that self-destruct (burn) immediately after the first access.

🛡️ Security Model: Zero-Knowledge

Encryption: AES-256-GCM encryption happens entirely in the sender's browser.

Privacy: The decryption key is stored in the URL after the # symbol (the fragment identifier).

Blind Storage: Browsers do not send the URL fragment to the server. Therefore, the server only ever sees and stores encrypted binary data. It has no way to read your secrets.

Self-Destruction: The server deletes the encrypted file from the disk the moment it is streamed to a recipient.
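The encrypt-then-link flow described above, sketched with Node's built-in crypto module as an added example that is not SecureBurn's own code. The blob layout (IV || ciphertext || tag), the link shape, the placeholder origin and id, and all function names are assumptions; the project's actual wire format is not documented on this page.

```javascript
// Added example, not SecureBurn's code. Blob layout and link shape are assumptions.
const { randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

const IV_LEN = 12;  // 96-bit nonce, the standard size for GCM
const TAG_LEN = 16; // 128-bit authentication tag

// Sender side: encrypt locally; only `blob` is ever uploaded.
function seal(plaintext) {
  const key = randomBytes(32);   // fresh AES-256 key per secret
  const iv = randomBytes(IV_LEN); // never reuse an IV under the same key
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { key, blob: Buffer.concat([iv, ct, cipher.getAuthTag()]) };
}

// The key travels only in the fragment (after '#').
function buildLink(origin, id, key) {
  return `${origin}/?id=${id}#${key.toString('base64url')}`;
}

// What an HTTP request for the link carries: path and query, no fragment.
function serverVisible(link) {
  const u = new URL(link);
  return u.pathname + u.search;
}

// Recipient side: recover the key from the fragment and decrypt the blob.
function unseal(link, blob) {
  const key = Buffer.from(new URL(link).hash.slice(1), 'base64url');
  const decipher = createDecipheriv('aes-256-gcm', key, blob.subarray(0, IV_LEN));
  decipher.setAuthTag(blob.subarray(blob.length - TAG_LEN));
  const ct = blob.subarray(IV_LEN, blob.length - TAG_LEN);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// GCM is authenticated: a blob modified while stored must fail to decrypt.
function rejectsTampering(link, blob) {
  const bad = Buffer.from(blob);
  bad[IV_LEN] ^= 0x01; // flip one bit after the IV
  try { unseal(link, bad); return false; } catch { return true; }
}

// Constructed sample input; origin and id are placeholders.
const demo = seal('db-password: constructed-sample');
const demoLink = buildLink('https://burn.example', 'abc123', demo.key);
console.log('server sees :', serverVisible(demoLink), `+ ${demo.blob.length} opaque bytes`);
console.log('recipient   :', unseal(demoLink, demo.blob));
console.log('tamper check:', rejectsTampering(demoLink, demo.blob));
```

Anyone who obtains the full link, fragment included, can decrypt the secret, so the link itself has to be shared over a channel you trust.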

🚀 Getting Started

Prerequisites

Node.js (v16.0.0 or higher recommended). No package manager (npm/yarn) is required. For TLS, put nginx or haproxy in front.

Installation & Running

Clone or copy the two files (server.js and index.html) into a directory.

Start the server:

node server.js

Access the UI: Open http://localhost:3000 in your browser.

🛠️ Configuration

The application is designed to be plug-and-play. You can modify the constants at the top of server.js:

PORT: The port the server listens on (default: 3000).

DATA_DIR: Where encrypted blobs are stored (default: ./data).

MAX_SIZE_BYTES: Maximum secret size (default: 10MB).

📋 Features

Zero Dependencies: Uses only native Node.js modules (http, fs, crypto, path).

10MB Capacity: Handles large text blocks or small files.

One-Click Copy: Generated links are automatically copied to the clipboard.

Mobile Friendly: Clean, responsive "Chat-style" UI.

Immediate Erasure: Uses fs.unlink to ensure the encrypted file is removed from the filesystem after one read.

⚠️ Important Notes

Persistence: Since it uses the file system, secrets will survive a server restart until they are burned.

HTTPS: To use the Web Crypto API (window.crypto), this app must be served over HTTPS in production (except for localhost).

Todo

  • example of how to use the api, including script to generate the encrypted file
  • add some method to delete secrets that have not been accessed within a certain time frame.
  • add some method to expire secrets (e.g. when creating, maybe define how long they should be valid for)
  • add progress indicator to UI
  • add rate limiting to make abuse harder?