Zero-knowledge · Self-destructing · Encrypted
Notes that disappear.
Keys that never leave you.
Send a secret message, a password, a private thought — encrypted in your browser, destroyed after reading. We hold the ciphertext. You hold the key. We can never combine them.
5 free notes when you register. No credit card required.
The cryptographic model
Half the key is in the link. Half is on our server.
We never have both.
// When you create a note:
randomToken = 64 hex chars
tokenId = first 32 chars → stored on server
secret = last 32 chars → embedded in link only
key = SHA-256( secret )
ciphertext = AES-256-GCM( content, key )
// Server stores: tokenId + ciphertext
// Link contains: tokenId + secret
// Server alone: useless. Link alone: useless.
You create
Browser encrypts. Secret stays in the URL. We get only a locked box.
You share
Send the link. The key travels with it — invisible in the URL fragment.
They reveal
One click. Content decrypted in their browser. View count decrements. Gone forever.
How it works
- 1
Write your note
Type anything — a password, an address, a confession. Set how many times it can be viewed (1 to 100). Optionally add a title.
- 2
Your browser encrypts it
Before anything leaves your device, your browser generates a random encryption key and encrypts the note with AES-256-GCM. The key never travels to our server.
- 3
Share the link
You get a unique URL. The decryption key is embedded in the link itself. Send it over any channel you'd trust with the secret.
- 4
It self-destructs
After the view limit is reached — or after 24 hours — the encrypted note is permanently deleted from our servers. There is no recovery. It goes into the void.
What people send
Passwords
Share a temporary credential without leaving it in chat logs.
API keys
Hand off a secret to a colleague, then know it's gone.
Private notes
Write something that should only be read once.
Recovery codes
Send 2FA backup codes that vanish after use.
Sensitive links
Share a private URL that expires after one click.
Anything private
If you'd regret it staying in someone's inbox, send it here.
Works from anywhere
Native SDKs for every language. A CLI for every shell. A plain JSON API for everything else. The same zero-knowledge encryption — no plaintext ever leaves your environment.
npm install voidnote-sdk pip install voidnote go get github.com/quantum-encoding/voidnote-go cargo add voidnote zig fetch --save …/voidnote-zig implementation("net.voidnote:voidnote-java:0.1.0") # macOS / Linux via Homebrew
brew tap quantum-encoding/tap && brew install voidnote
# pipe secrets in, read them out
echo "db-pass" | voidnote create --api-key vn_... --quiet
https://voidnote.net/note/a1b2c3...
voidnote read https://voidnote.net/note/a1b2c3...
db-pass
# note destroyed
Human → Agent credential handoff
Most teams share secrets over Slack, email, or a `.env` file committed to a private repo. VoidNote makes single-use credential delivery as simple as pasting a link.
- 1 Generate an API key or database credential
- 2 Create a VoidNote with 1 view — takes 5 seconds
- 3 Paste the link into your AI coding assistant's context, your CI runner, or your colleague's terminal
- 4 The agent fetches the secret, uses it, and the note self-destructs — never in a config file, a chat log, or a commit
The secret existed in transit for seconds. No secrets manager to operate. No vault subscription.
Just a URL that works once and then ceases to exist.
Pricing
Credits. No subscription. Buy once, use whenever.
5
notes
Free
On registration
100
notes
$5
$0.05 / note
500
notes
$20
$0.04 / note
1,000
notes
$35
$0.035 / note
Credits never expire. Pay with USDT, USDC, ETH, or BTC — direct on-chain, no middleman.
What we can't do
- ✓ Read your notes — the key never reaches us
- ✓ Recover a destroyed note — deletion is permanent
- ✓ Prevent expiry — 24h maximum lifetime, enforced server-side
- ✓ Access your account without your password — we don't store it in recoverable form