Hemmelig.app is a client-side encrypted secret sharing platform that ensures sensitive information remains private by never storing plaintext or keys on the server.
Keep your sensitive information out of chat logs, emails, and more with encrypted secrets.
Hemmelig.app is designed for individuals and organizations who need to securely share sensitive data such as credentials, confidential messages, or files without risking exposure in chat logs or emails. Users create encrypted secrets with configurable expiration, password protection, and access restrictions, then share secure links with recipients who can decrypt the data client-side.
All encryption is performed client-side, ensuring that plaintext secrets and decryption keys never reach the server, enhancing security. Users should securely share the URL containing the decryption key fragment, as possession of this link grants access to the secret. For self-hosting, proper environment configuration and secure deployment are essential. Rate limiting and IP restrictions help mitigate abuse.
Visit https://hemmelig.app to use the SaaS platform directly
For self-hosting, clone the repository from https://github.com/HemmeligOrg/Hemmelig.app
Deploy on a cloud provider such as Hetzner Cloud (recommended)
Configure environment variables including SECRET_ANALYTICS_ENABLED for analytics
Use Docker image hemmeligapp/hemmelig for containerized deploymentVisit https://hemmelig.app and enter your sensitive information
Start by inputting the secret you want to share securely.
Configure your secret with expiration time, optional password, view limits, and IP restrictions
Set parameters to control secret lifetime and access.
Click 'Create secret link' to generate a secure URL
Generates a unique encrypted secret link to share.
Share the generated link with your recipient
Recipient uses the link to decrypt the secret client-side.
encryptedData = encrypt(yourSecretData, uniqueEncryptionKey)
Example JavaScript encryption flow showing client-side encryption before sending data.