How DocuChan works

Plain language, no marketing. Here's exactly what happens to your file.

1. Encryption happens in your browser

When you upload, your browser generates a random AES-256-GCM key and encrypts the file before any bytes leave your device. We only ever receive ciphertext.

2. The key never reaches our servers

The decryption key is placed in the part of the share link after the # symbol (the "fragment"). Browsers never send the fragment to servers — so even if we wanted to, or were compelled to, we cannot read your file. No backdoors.

3. Optional password

If you add a password, we store only a one-way verifier derived from it (PBKDF2) — never the password itself. It acts as an extra gate on top of the encryption.

4. It deletes itself

Choose burn-after-download and the file is hard-deleted from storage the moment the download completes. Otherwise it expires after the window you pick (up to 7 days) and a background janitor purges it. We verify the bytes are actually gone — not just flagged.

What we can't do (on purpose)

Because end-to-end encrypted files are opaque to us, we can't scan their contents or preview them. To keep the service from being abused we rely on behavioural signals (rate limits, abuse reports) rather than reading anyone's files. Every download page has a Report this file link.