You Control Who Sees It.
How They See It. When It Vanishes.

End-to-end encrypted in your browser. Set who can preview, stream, or download. Add view limits, time fuses, and passwords. The server never sees a byte.

Drop your files into the void

Free · Up to 500 MB · Recipients never need an account

Private·Encrypted·Ephemeral

The Problem

Your DMs, Email Attachments, and Cloud Links Are Not Private.

Every platform you rely on today reads your files, logs your shares, and keeps your content forever.

Email Attachments Live Forever

Once you hit send, that file lives on Gmail's servers, your recipient's inbox, and both Sent folders. Indefinitely. No expiry, no access control, no way to unsend once forwarded.

Cloud Links Are Just Public URLs

A Google Drive or Dropbox 'private' link is just a long URL. Anyone who gets it — via screenshot, forwarded message, or a data breach — has full access.

Your DMs Aren't Private for Files

Instagram, Twitter, Slack, and Discord all store the files you share in messages on their servers. They can hand them over to third parties. Your confidential files deserve better.

GhostDrop encrypts before upload. Zero knowledge. Self-destructs. That's the difference.

How It Works

Three steps. Zero traces.

01

Drop

Drag in any file — documents, media, archives. AES-256-GCM encryption fires instantly in your browser. Not a single byte reaches the server in plaintext.

02

Share

You get a link. The decryption key is baked into the URL fragment — the part after the #. Servers, analytics, and logs never see it.

03

Vanish

Set a view limit or a time fuse — or both. When your conditions are met, every encrypted chunk is purged from storage. Permanently. No recovery.

AES-256-GCM|Web Crypto API|Key in URL #fragment

Features

Built for the privacy-obsessed.

Every feature designed around one principle: your files are yours alone.

Zero-Knowledge Encryption

AES-256-GCM encryption runs in your browser before upload. The key lives only in the URL fragment. We cannot see your files — not technically, not legally, not ever.

Self-Destructing Links

Set a view limit, a time fuse, or both. Once triggered, every encrypted chunk is purged from storage permanently. No soft-delete, no recovery.

No Account Needed

Recipients never need an account. Just the link. The free tier works without a credit card — upload and share in under a minute.

Password Protection

Add a second layer. Recipients need the password before decryption begins.

Chunked Streaming & Preview

Files split into 4 MB encrypted chunks. MP4/MOV/M4A streams via MSE for constant ~30 MB RAM. Images, PDFs, and DOCX files render directly in the browser with zoom, pan, and fullscreen.

Dashboard

Track your drops, monitor views, manage active links. Know who accessed what.

Zero-Knowledge Architecture

We Are Mathematically Incapable of Reading Your Files.

This is not a privacy policy promise. It's a structural guarantee enforced by cryptography.

AES-256-GCM

Military-Grade Encryption

Every file is split into chunks encrypted individually using AES-256-GCM. Each chunk gets a unique IV derived by XOR-ing your drop's base IV with the chunk index. Tampering with any single chunk invalidates the authentication tag.

Browser-Only

The Key Never Leaves Your Browser

Your key is generated by the Web Crypto API and embedded in the URL fragment — the part after the #. Fragments are never sent to servers in HTTP requests. We have no database column to subpoena, no server log to leak it.

Zero-Knowledge

The Server Never Sees Plaintext

We receive encrypted blobs, store encrypted blobs, serve encrypted blobs, and delete encrypted blobs. Your file's content is opaque to us at every stage. A court order cannot compel us to produce plaintext we do not have.

AES-256-GCM|Per-Chunk IV|Web Crypto API|URL Fragment Key|Zero Server Plaintext

Who It's For

Anyone With Files That Shouldn't Live Online Forever.

From unreleased demos to legal contracts — if it's confidential and temporary, it belongs here.

Business & Legal

Share contracts, NDAs, tax documents, or board decks with clients and counsel — knowing the link expires on your schedule. No permanent cloud URL to leak, no forwarding chain to lose track of.

Contracts & NDAsTax documentsClient deliverables

Creators & Media

Send unreleased tracks, rough cuts, design files, or photo galleries for review. Set a view limit and a time fuse — after they've seen it, it's gone. No piracy surface, no lingering copies.

Unreleased demosRough cutsDesign files

Personal & Sensitive

Share medical records, ID documents, financial statements, or credentials with the people who need them — and no one else. Password protection adds a second layer. The link self-destructs when you say so.

Medical recordsID documentsFinancial statements

Journalism & Advocacy

Share sensitive materials with sources, editors, or legal teams — knowing the link won't outlive the story. No plaintext on the server means nothing to subpoena, nothing to leak.

Source documentsWhistleblower tipsResearch files

Pricing

Simple, transparent pricing.

Start free. Upgrade when you need more.

Free

$0

Quick, private shares

  • 250 MB per drop
  • 3 active drops
  • Fixed 24-hour expiry
  • Up to 3 views
  • 500 MB storage

Starter

$3/mo

For hobbyists who need more

  • 1 GB per drop
  • 7 active drops
  • Up to 3-day expiry
  • Up to 10 views
  • 5 GB storage
  • QR code sharing
Most Popular

Creator

$7/mo

For creators who share regularly

  • 2 GB per drop
  • 15 active drops
  • Up to 7-day expiry
  • Up to 25 views
  • 25 GB storage
  • Password & download

Pro

$15/mo

For professionals & teams

  • 10 GB per drop
  • 100 active drops
  • Up to 30-day expiry
  • Unlimited views
  • 200 GB storage
  • Everything in Creator

FAQ

Everything you want to know.

Your Next Share Should Disappear.

Start sharing with zero-knowledge encryption. No credit card, no account required to view. Free to start.