One-time drop is an end-to-end encrypted file sharing application that works on the web via this completely static web page: https://onetimedrop.app and as a native app on both iOS and macOS.
Android and Windows are coming soon.
I need a tool that I would be comfortable using to send ultra-sensitive documents: passport scans, social security, bank statements, 1Password backups, account numbers, etc. I need to be extremely sure these could never be recovered later on.
Other end-to-end encrypted file sharing services all have a flaw: the file encryption key is appended to the end of the shareable URL.
Even if the key is located in the fragment of the URL (i.e. www.e2efiles.com/#super-long-secret-key) and thereby invisible to the host server, it is still a major weak point.
Typically you will send this URL via SMS, iMessage, FB chat, WhatsApp, email, etc. This means that the file encryption key is written down somewhere, sent in network packets, and visible on screens. It becomes available to multiple different OSs, apps, and web services. You should assume many parties can get this encryption key immediately, or easily in a future data dump/audit/discovery. You should assume this key is known in plain text forever.
This is only OK if you are certain that the ciphertext (the encrypted file) is quickly and forever deleted after you download and decrypt it.
However, there is no way to verify that one of these e2ee file sharing services actually deletes the encrypted version of your file.
P.S.: I really like Firefox Send, but unfortunately I don't want to trust Mozilla to effectively delete encrypted data. It inspired me to build something better (cryptographically).
The file encryption key is never recorded or made available to any party. The file encryption key is only computed in memory via a real-time key exchange between you and the sender.
In order for the encrypted file transfer to work, both parties have to run some code, in real time, to perform an authenticated key exchange, every time. (Note: when using the web-only version, you need to keep the page open for it to work, while the native software uses e2ee push notifications for real-time kex.)
Note that the one-time drop shareable URL that's created does indeed contain some secret and some public cryptographic key material -- however, this key material is only used to initiate the authenticated key exchange and the client is programmed to only do it once per file transfer.
This means that the key exchange happens once, and the link is completely useless and dead if found later on. You no longer need to trust the provider (our servers) to delete encrypted blobs.
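The following sketch illustrates the idea described above; it is an added example, not the One-time drop protocol or code (the specification is not shown on this page). It assumes the link carries a MAC key (`link_secret`) that authenticates ephemeral Diffie-Hellman values, uses a toy finite-field group in place of libsodium so that it runs with the standard library only, and all class and function names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy finite-field DH group: stand-in for libsodium's key exchange, NOT secure parameters.
P, G = 2**255 - 19, 2

def _b(n):
    return n.to_bytes(32, "big")

def _tag(link_secret, role, pub):
    # MAC over role + ephemeral public value, keyed by the secret carried in the link.
    return hmac.new(link_secret, role + _b(pub), hashlib.sha256).digest()

class Party:
    """One side of the exchange (hypothetical names); ephemeral secret lives in memory only."""
    def __init__(self, link_secret, role):
        self.link_secret, self.role, self.used = link_secret, role, False
        self.priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self.priv, P)

    def hello(self):
        return self.role, self.pub, _tag(self.link_secret, self.role, self.pub)

    def finish(self, peer_hello):
        role, peer_pub, tag = peer_hello
        if self.used:
            raise RuntimeError("link already used")
        if role == self.role or not 1 < peer_pub < P - 1:
            raise ValueError("bad peer hello")
        if not hmac.compare_digest(tag, _tag(self.link_secret, role, peer_pub)):
            raise ValueError("unauthenticated peer")
        shared = pow(peer_pub, self.priv, P)
        lo, hi = sorted((self.pub, peer_pub))
        key = hashlib.sha256(b"file-key" + _b(shared) + _b(lo) + _b(hi)).digest()
        self.priv, self.used = None, True  # forget the ephemeral secret, refuse a second run
        return key

def demo():
    link_secret = secrets.token_bytes(32)  # constructed; would travel in the shareable URL
    sender, receiver = Party(link_secret, b"sender"), Party(link_secret, b"receiver")
    s_hello, r_hello = sender.hello(), receiver.hello()
    k_sender, k_receiver = sender.finish(r_hello), receiver.finish(s_hello)
    # Later, someone holding the link (and even the recorded hellos) tries again.
    late = Party(link_secret, b"receiver")
    try:
        sender.finish(late.hello())
        replay_accepted = True
    except RuntimeError:
        replay_accepted = False
    return k_sender == k_receiver, replay_accepted
```

The file key depends on ephemeral private values that both sides discard, so the link and a recording of the exchanged messages are not enough to recompute it, which is the contrast with a static key placed in the URL fragment.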
Once available, you can find the protocol specification and implementation here: github.com/agrinman/onetimedrop.
Core Library: protocol and client built with native Rust using libsodium for cryptography.
Web app: Front-end using the Yew Rust framework, with the Core Library cross-compiled to WebAssembly.
iOS/macOS: Front-end using Swift with FFI to the Core Library (compiled to iOS/macOS).
The source code will be made public soon here: github.com/agrinman/onetimedrop
We don't track anything. All we can see are encrypted blobs on AWS S3 and encrypted messages via AWS SQS + SNS. We do not have access to any keys.
Send me an email at hello@onetimedrop.app or follow me on Twitter @alexgrinman.