Your file-sharing server shouldn't be able to read your files. Here's how I made sure mine can't.

Most "encrypted" file sharing means encrypted in transit and at rest, which is a polite way of saying the server holds the keys and can read everything whenever it likes. I wanted the other kind: the server stores my files and genuinely cannot open them. Here's how that works in share·me, including the parts the tutorials quietly skip.

The whole trick is the URL fragment

The browser generates a random key, encrypts the file client-side with AES-256-GCM, and the key goes here:

https://share.example/d/AbC123#k=<base64-key>

Enter fullscreen mode