Built this because I was paying $45/user/month for DocSend to share pitch decks. That's it. Serve pages as images, count the views, charge a fortune. Papermark is the obvious open-source answer but it's AGPL -- if you want to embed a secure doc viewer in a commercial product, that's a dealbreaker. And there's no npm package for this anywhere. If you want secure document viewing in your app today, you're writing it from scratch. CloakShare is MIT, API-first, and ships an embeddable Web Component. Upload a file, get a tracked link. Recipients hit an email gate, view pages rendered on canvas with per-session watermarks (email + session ID baked in), you get webhooks for every page turn and time spent. Revoke anytime. Also handles video -- HLS streaming with adaptive quality tiers and watermark overlays. DocSend doesn't do this at all. A few choices worth mentioning if you want to dig in: Hono over Express -- runs on Node, Bun, Deno, and edge runtimes. SQLite/Turso over Postgres -- zero config for self-hosting, Turso when you need distributed. Poppler over MuPDF because MuPDF is AGPL and would poison the license. Canvas rendering over PDF.js because PDF.js hands the raw file to the browser -- no watermarks, no analytics, no access control. On the watermark question: yes, you can screenshot. Canvas watermarks make leaks traceable and casual sharing inconvenient -- they're not DRM. Same as DocSend. I'd rather say that upfront than have someone find out and call it snake oil. Self-hosted version is MIT, no feature gates. Cloud version (coming) handles the ops. That's the business model. https://www.cloakshare.dev/