Security you can verify, not just trust
SealFile uses zero-knowledge encryption — your files are encrypted in your browser before they ever leave your device. We literally cannot see your data.
How SealFile works
Your device
You select your files
Files stay on your device. SealFile runs entirely in your browser — nothing is uploaded yet. You choose your security level: link-only, password-protected, or both.
a9c2
8b1d
Encrypted in your browser
Your browser generates a unique 256-bit encryption key using AES-256-GCM — the same standard used by governments and banks. Every file is encrypted locally. The encryption key never leaves your browser and is never sent to our servers.
Only your recipient can decrypt
The decryption key is embedded in the share link after the # symbol — a part of the URL that your browser never sends to any server. When your recipient opens the link, decryption happens entirely in their browser.
Zero-knowledge data flow
Your Browser
Key stays here Plaintext here only
SealFile Server
Never sees plaintext
Cloud Storage
Encrypted blobs only
Recipient Browser
Key extracted Decrypted here
What we can't see
What our servers store
- Encrypted binary blobs
- Share expiry timestamp
- Download count
- Hashed IP addresses (for abuse prevention)
What our servers NEVER see
- Your file contents
- Your file names
- Your encryption keys
- Your passwords
- Your IP address (only hashed)
Ready to share securely?
No account required. Your files are encrypted before they leave your browser.