I built iKrypt after realizing how often passwords, API keys, and other sensitive info still get shared over Slack DMs or email with “I’ll delete it later”.
iKrypt is a zero-knowledge, one-time secret sharing tool:
- Secrets are encrypted in the browser - The server stores only ciphertext - The decryption key lives only in the URL fragment (never sent to the server) - Links expire by time or view count - Optional email notification when a link is first opened
This is intentionally not a password manager or vault — it’s for quick, one-off handoffs where you don’t want sensitive data living forever in chat history.
Built with:
Next.js (App Router) Web Crypto (AES-GCM) Server-side expiry & view enforcement
Live here: https://ikrypt.com
Would love feedback on:
the encryption model
wording/claims around “viewed vs opened”
whether this solves a real problem for you, or what’s missing
Thanks for checking it out