sendit.chat
Send files and messages that disappear.
Create a private link, share it in seconds, and leave no history behind.
No signup • No logs • Works in your browser
213 sessions started since last deploy
Start private session
Create a secure room in your browser for disappearing messages and temporary file sharing.
Open private link
Have a one-time invite? Paste the private session URL below to join instantly without signing up.
How it works
Create a private session, share the link, send what you need, then close the tab and leave no history behind.
Create a private session
Your browser generates the join secret locally, derives the session ID client-side, and keeps the private keys on your device.
Share the one-time link
Invite someone with a one-time /j/<token> link that is kept in server memory only until first use or expiry.
Send files or messages
Everything is end-to-end encrypted before it leaves your browser, so the server only relays ciphertext it cannot read.
Leave and it disappears
Messages and files exist only for the life of the session. Close the tab and they are gone — no logs, no history, no trace.
Common use cases
A secure WeTransfer alternative for sensitive files, anonymous file sharing without an account, and one-time private conversations.
Share sensitive files
Send contracts, IDs, or reports with a private link instead of leaving them in inboxes or cloud drives.
Send secrets safely
Share passwords, recovery codes, or internal URLs in a private session that disappears when you are done.
One-time conversations
Start a private chat with no sign-up, no phone number, and no permanent message history.
Temporary collaboration
Spin up a private room for quick client or team exchanges without creating another permanent workspace.
Why you can trust this
Encrypted before upload
Your data is encrypted in your browser before it leaves your device.
Server cannot read it
The server only relays ciphertext and cannot decrypt your messages or files.
Nothing stored after
Messages and files only exist during the session. Close the tab and they are gone.
Privacy by design
No account, no identity requirement, and open source code built for privacy from the start.
Better for sensitive sharing
Popular messengers are great for persistent chat. sendit.chat is built for temporary private sessions, disappearing files, and no-account sharing.
| sendit.chat | Telegram | Signal | ||
|---|---|---|---|---|
| No account required | ✓ | ✗ | ✗ | ✗ |
| No install needed | ✓ | ✗ | ~ | ✗ |
| Automatic deletion | ✓ | ✗ | ✗ | ✗ |
| Messages never stored | ✓ | ✗ | ✗ | ✗ |
| End-to-end encryption | ✓ | ✓ | ✗ | ✓ |
| Server is blind to content | ✓ | ✗ | ✗ | ✓ |
| Private link sharing | ✓ | ✗ | ✗ | ✗ |
See technical details
All messages and files are protected by a Noise_XX + Signal Double Ratchet stack (X25519 + HKDF-SHA256 + ChaCha20-Poly1305, with AES-256-GCM protecting stored private keys). The server only relays encrypted blobs and temporary invite tokens — it never has the chat keys.
Server Public Key Transparency
The server generates an Ed25519 signing key pair at startup and uses it to sign the
SHA-384 script-integrity manifest. Comparing the public key below against the one
published in the
source repository
lets you independently verify that this server is running genuine, unmodified code.
A substituted malicious server would show a different key.
The machine-readable JSON is available at
/.well-known/pubkey.
⚠ Key is ephemeral (regenerated on restart). Set SERVER_SIGNING_KEY for a stable, pinnable key.
| Ed25519 public key | 24570104cd7fbbb1d9d48bccc98083a190fc7c9e3e86219f2ec7c5152360ef29 |
| Signature over script hashes | d94d689a4c6ecbf0dbaf236a235967d9a614b891b482972c04e79b7af3446e79f208477c86ac492bb9155603e6181d62af6350a3c6995b3d9cbd24f5c4da060b |
Script Integrity Verification
Every session script is protected by a SHA-384 Subresource Integrity hash. Your browser enforces these hashes automatically — any script that does not match is blocked before it can run. To independently detect a compromised server, compare the hashes below against the /.well-known/sri.json endpoint or the reference values published in the source repository.
| Script | SHA-384 integrity hash |
|---|---|
| js/socket.io.min.js | sha384-2huaZvOR9iDzHqslqwpR87isEmrfxqyWOF7hr7BY6KG0+hVKLoEXMPUJw3ynWuhO |
| js/qr-creator.min.js | sha384-cmmVU8dn+rGH6Yvlt0Q1+31iG9lS4wdVsqV/ZP/53RBddef+VZcYakA+NhG4S8wE |
| js/noble-bundle.js | sha384-5Ebee1TT4HsgIqMOhDJRWdKOqeD4jWEfN/2hOfFkzc46I29kXcDB/EtqDqz9jaHb |
| js/noise.js | sha384-9kGQ0g7mwTbaR7FjCU/EoUUti6tBf9tLPYoaFvjSthRKB+59aO7xwGG7H029Kalt |
| js/ratchet.js | sha384-qHzLumbwrhKZxELTEVp/UnzvciLzBmkmzIvehTPGImohd4ZwJpo9v1U2xHB5pG50 |
| js/crypto.js | sha384-OjLZ7A5d53zeDS5E5iv1/qPGxENEP2dzTOmT9ft2cSSurhtjy9IdcXBf4uzhSARz |
| js/session.js | sha384-cxYB/ShOjMBjEAECJq8Kl125diss0Z/XLq36wPPC/AkvT6y4VIksdfvHsOQpkkDd |
Support sendit.chat
If sendit.chat is useful to you, you can help keep it online with a one-time tip.
☕ Buy me a coffee
Scan to open the Buy Me a Coffee page.