We share sensitive content constantly. Meeting notes with financials. API keys for a new developer. Client reports with confidential metrics. A one-time code. A private link. And we share them through channels that store everything permanently — Slack logs, email archives, cloud pastes indexed by Google.
The problem isn't sharing. The problem is that shared content should have a lifespan. And the people you share it with should be the only ones who can read it — not the hosting service, not a hacker who breaches the server, not a subpoena.
That's why I built JunoVault.
The Problem: Permanent by Default
Paste API keys in Slack DMs. Email credentials in plaintext. Drop meeting notes in Pastebin. Screenshot financials and send via iMessage.
Every one of these channels logs, indexes, and stores your content indefinitely. A breach six months from now exposes what you shared today.
Content encrypted before it leaves your machine. Server stores only gibberish. Link auto-expires. Optional one-time viewing. Optional password layer.
Even if the server is compromised, the attacker gets encrypted noise — they'll never have the key.
How Zero-Knowledge Encryption Works
The magic of JunoVault is in where the encryption key lives. It never touches the server. Here's the exact flow:
The #k=... portion of a URL is called the fragment. By HTTP specification, fragments are never sent to the server — not in headers, not in logs, not in analytics. The server physically cannot read your content.
When someone opens the vault link, their browser fetches the encrypted ciphertext from the server, extracts the key from the URL fragment, and decrypts everything locally. The server acts as a blind storage locker — it holds the box but never has the combination.
Features
Vault self-destructs after the first view. The server deletes the ciphertext immediately after returning it. Perfect for one-time passwords, secrets, and sensitive links.
Every vault has a TTL — from 1 hour to 7 days. When time runs out, the data is gone. A live countdown badge shows viewers exactly how much time remains.
Add a second layer with an auto-generated 4-character code. Share the link one way, the password another. Even with the URL, they can't access the vault without the code.
Content breathes with a gentle heartbeat rhythm — opacity fading in and out. A visual reminder that this content is alive, temporary, and fleeting. Unlike anything else out there.
Instead of random slugs, create memorable paths like /v/q1-report or /v/api-keys-for-dev. Branded, clean, and easy to share verbally.
Vaults render as full web pages — complete with CSS, fonts, and layouts. Share styled reports, dashboards, landing page previews, or documentation that looks exactly as intended.
Built for the AI Workflow
Here's where JunoVault gets interesting. I built an MCP (Model Context Protocol) server that lets AI tools like Claude Code create encrypted vaults programmatically.
The workflow looks like this:
// Claude encrypts the HTML and creates a vault automatically
User: "Analyze the Q1 data and share a report"
Claude: create_vault({
html: "<full styled HTML report>",
title: "Q1 Performance Report",
ttlHours: 48,
burnAfterRead: true
})
Result: https://jv.maelify.com/v/a8k3m#k=xR9_kLm...
// Share this link — it self-destructs after first view
No copy-pasting into external tools. No saving files to disk. The AI generates content, encrypts it, and produces a shareable link — all in one step. The encryption happens before the data hits the network.
This is the first sharing service designed to be a native tool in the AI development workflow.
Why Not Just Use Pastebin?
| Feature | JunoVault | Pastebin | PrivateBin |
|---|---|---|---|
| Zero-Knowledge Encryption | ✓ | ✗ | ✓ |
| Auto-Expiration | ✓ 1h–7d | ✗ | ✓ |
| Burn After Read | ✓ | ✗ | ✓ |
| Password Layer | ✓ auto-gen | ✗ | ✓ |
| Custom URLs | ✓ Curve Sharing | ✗ | ✗ |
| Pulse Mode | ✓ Unique | ✗ | ✗ |
| AI Tool Integration (MCP) | ✓ Native | ✗ | ✗ |
| Full HTML Rendering | ✓ | ✗ text only | ✗ text only |
| Modern UI | ✓ | dated | functional |
| Account Required | No | Optional | No |
| Self-Hosting Required | No | No | Yes |
PrivateBin does encryption right, but it requires self-hosting — most teams won't bother. Pastebin has zero encryption and stores everything forever. JunoVault gives you enterprise-grade encryption with the convenience of a hosted service, plus features neither competitor has: full HTML rendering, AI integration, pulse mode, and custom branded URLs.
The Technical Stack
Encryption
AES-128-GCM via the Web Crypto API (browser) and Node.js crypto (MCP server). GCM mode provides both confidentiality and authenticity — if anyone tampers with the ciphertext, decryption fails entirely. No silent corruption.
Storage
Upstash Redis with native TTL expiration. When a vault's time runs out, Redis deletes the key automatically. No cron jobs, no cleanup scripts. The data simply ceases to exist.
Frontend
Next.js 14 with the App Router, TypeScript, and Tailwind CSS. Server-side rendering for the landing page, client-side decryption for vault viewing. Deployed on Vercel with edge functions.
Design
Warm dark palette — saddle brown, tan, dusty pink — with organic border radii and glassmorphic surfaces. The UI feels less like a security tool and more like something you'd want to use. Because privacy shouldn't require an ugly interface.
Use Cases
Share API keys, database credentials, and deployment tokens with burn-after-read. The link works once, then it's gone. No more "delete that message from Slack" conversations.
Send client reports, audit results, and financial summaries as beautiful full-page vaults that auto-expire after review. Professional presentation with built-in confidentiality.
Share code snippets, error logs, and configuration files with colleagues. Use the MCP server to share AI-generated reports directly from Claude Code without leaving the terminal.
Private notes that disappear. Temporary links for event details. One-time messages that can't be forwarded or screenshot-proof because they'll expire before anyone thinks to save them.
The Principle
Most tools are built to keep your data. JunoVault is built to let it go.
In a world where every message is logged, every paste is indexed, and every share lives forever in some server's backup — there should be a way to say: "This information has a purpose, a recipient, and a lifespan. After that, it should not exist."
That's not paranoia. That's architecture.
Try JunoVault → jv.maelify.comNo account. No install. Just encrypted, ephemeral sharing.