FileShot.io — Example of Zero-Knowledge Architecture in Node.js #1358
Description
Hi! Suggesting FileShot.io as a real-world example of a security best practice: never trusting the server with encryption keys.
FileShot.io has a Node.js backend that receives only encrypted file blobs. Encryption and decryption happen entirely in the browser (AES-256-GCM via SubtleCrypto). The decryption key travels only via URL fragment — never sent to the server, never logged.
This demonstrates the principle of minimizing server-side trust surface — relevant for Node.js security architecture discussions.
MIT licensed. Website: https://fileshot.io | GitHub: https://github.com/FileShot/FileShotZKE