One-Time Secure Delivery.
Then It's Gone.
Send encrypted messages, files, and credentials through self-destructing drops that burn after a single read. With steganography, time locks, and multi-path delivery β built for when even the channel needs to disappear.
Create a Dead Drop →Built for Ephemeral Security
Every Dead Drop follows a strict lifecycle: create, deliver, destroy. No re-downloads, no server copies, no digital footprint.
Burn-After-Read
Once the recipient opens the drop, the encrypted payload is permanently destroyed on the server. There is no second chance β no re-download, no backup, no recovery. The data exists only for the moment it's needed.
Self-DestructSteganographic Delivery
Hide your encrypted payload inside an ordinary image. The carrier image looks like a normal photo β only the recipient with the correct key can extract the hidden message. Perfect for hostile network environments.
SteganographyTime-Locked Encryption
Set a time window for your drop. The encrypted content automatically expires and is purged from the server if not retrieved within the specified timeframe β even if no one reads it.
Time LockMulti-Path Delivery
Split the decryption key across multiple shares using Shamir's Secret Sharing. The drop can only be decrypted when all shares are reunited β delivered through separate channels for maximum security.
Shamir's SharesCreate. Deliver. Destroy.
A Dead Drop follows a strict lifecycle. No account needed, no pairing required β just a link and a key.
Compose Your Drop
Write your message or attach a file. Choose your options: steganography, time lock, multi-path shares. Everything is encrypted client-side with AES-256-GCM before leaving your device.
Share the Link
You receive a unique retrieval URL containing the drop code. The decryption key is embedded in the URL fragment β it never touches the server. Share via any channel you trust.
Recipient Retrieves & Burns
The recipient opens the link, the message is decrypted in their browser, and the server permanently deletes the encrypted payload. One read. Zero traces.
When You Need One-Time Delivery
Dead Drops are designed for handoff, not conversation. Here's when they're the right tool.
Incident Response
Share breach details, indicators of compromise, and forensic screenshots with your security team β without leaving evidence in Slack or email.
Credential Delivery
Send temporary passwords, API keys, or recovery codes that self-destruct after a single read. No more "I sent it in Slack" risks.
Legal & Compliance
Deliver sensitive legal documents, contracts, or compliance reports with guaranteed destruction after retrieval. Full audit trail on client side.
Whistleblower Sources
Accept anonymous tips through steganographic drops that are indistinguishable from normal images. No metadata, no trail, no exposure.
Healthcare / HIPAA
Transfer patient data or test results securely with time-locked drops that expire within hours. Compliant with data minimization requirements.
Enterprise File Transfer
Send board-level documents, M&A materials, or financial reports through encrypted drops with multi-path key splitting for dual-authorization.
Dead Drop Rules
These aren't just features β they're architectural constraints that cannot be bypassed.
✓ Enforced
- ✓ One-time retrieval β deleted after first read
- ✓ Client-side AES-256-GCM encryption
- ✓ Decryption key never touches the server
- ✓ Automatic expiration on time-locked drops
- ✓ No account or pairing required
- ✓ File attachments (up to 25 MB)
- ✓ Client-side hash-chained audit log
✗ By Design, Never
- ✗ No re-download or second read
- ✗ No server-side preview or rendering
- ✗ No cloud storage or backup copies
- ✗ No forwarding mechanism
- ✗ No link to sender identity
- ✗ No metadata logging on server
- ✗ No recovery after burn
Try a Dead Drop Now
No account needed. Compose an encrypted message, get a link, share it. The recipient reads it once β then it's gone forever.