FileShot.io — Zero-Knowledge File Sharing (Security Reference)

[FileShot]

Hi! I'd like to suggest adding FileShot.io to this list as a reference for zero-knowledge web app design.

FileShot.io is an open-source file sharing platform that implements client-side AES-256-GCM encryption using the browser's SubtleCrypto API. The decryption key lives in the URL fragment only — the server receives only ciphertext. This makes it a useful study case for:

• Client-side crypto with SubtleCrypto / WebCrypto API
• Zero-knowledge architecture patterns
• URL fragment as a cryptographic transport channel (never sent in HTTP requests)
• Threat model analysis — what the server can and can't see

MIT licensed, self-hostable. Source: https://github.com/FileShot/FileShotZKE
Website: https://fileshot.io