BlackNote

BlackNote An ephemeral secret sharing tool

Send an encrypted secret, retrieve it once, and it’s gone forever!


Instructions:

  1. Enter plain-text into the box above
  2. Click the ENCRYPT button ... a secure link is then generated
  3. Send the link to someone using your preferred method of communication


Encryption keys are never sent to or stored on our servers.

Generated links use the URL anchor (#) tag for encryption IV's and encryption keys. This ensures the server never knows the encryption keys. We could not recover your note even if we wanted to.

Notes are permanently deleted from our servers after one view.

Technical Details

  • Uses the libsodium (NaCL) cryptographic library
  • Encryption is performed client-side
  • Server only stores encrypted messages
  • Encrypted with xsalsa20-poly1305 encryption algorithm and message authentication

BlackNote Workflow

Technical Limitations

Cryptographic authentication is not performed. This means that BlackNote cannot verify who sent or who is reading the note.

As such, your trust that the author of the BlackNote is who they claim to be is only as strong as your trust in transport mechanism used to send the BlackNote (email, twitter, IRC, etc).

You can, however, be confident that the data you receive is exactly what the sender intended and no one else has viewed it.