Zero-Knowledge Pastebin Alternative Using Client-Side Aes-256-Gcm
Posted3 months ago
dailyforever.comTechstory
calmpositive
Debate
10/100
Zero-KnowledgeEncryptionPastebin
Key topics
Zero-Knowledge
Encryption
Pastebin
A new zero-knowledge pastebin alternative is introduced, utilizing client-side AES-256-GCM encryption for secure sharing, with the community showing interest in its security features.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
N/A
Peak period
1
Start
Avg / period
1
Key moments
- 01Story posted
Sep 26, 2025 at 12:02 PM EDT
3 months ago
Step 01 - 02First comment
Sep 26, 2025 at 12:02 PM EDT
0s after posting
Step 02 - 03Peak activity
1 comments in Start
Hottest window of the conversation
Step 03 - 04Latest activity
Sep 26, 2025 at 12:02 PM EDT
3 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45388026Type: storyLast synced: 11/17/2025, 1:16:46 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Implementation - Uses Web Crypto API (AES-256-GCM) - Keys generated with `crypto.getRandomValues()` - Random IV per operation - Content chunked into 4KB buckets - Argon2id for password hashing - Keys embedded in URL fragments
Architecture - Laravel backend stores only encrypted blobs - All crypto handled in JavaScript (client-side) - No server-side key storage - Metadata stored separately
Security Considerations - XSS could compromise client-side crypto - URL fragments may be logged in some contexts - No perfect forward secrecy - Relies entirely on client-side security
Questions - How can I improve key management? - Is there a viable way to add forward secrecy? - Should additional security layers (e.g., CSP, iframe sandboxing) be added?
****************
URL: https://dailyforever.com/
****************