(no title)

Files are not encrypted (but 'secrets' are). Files are actually uploaded directly to a private S3 bucket over HTTPS.

Secrets (text) are sent over HTTPS and encrypted with a randomly-generated key using AES 256 bit encryption before being stored in our DB. The key is embedded in the share URL for the secret. We don't store the key or the URL anywhere on our servers, so the only way to decrypt the secret's contents is if you have that URL.