How your files stay private — and what the actual guarantees are.
Most "secure" file transfer tools encrypt data in transit but leave a copy on a server. That server — or anyone who compromises it — can eventually access that copy.
chirpfile takes a different approach. The file is encrypted in your browser before anything is uploaded. The decryption key is transmitted as sound — it never touches any network. A remote attacker who compromises the server gets only unreadable ciphertext with no key to open it.
1. Encrypt locally
Your browser encrypts the file using AES-GCM via the Web Crypto API before a single byte is sent anywhere. The key exists only in your device's RAM.
2. Upload the ciphertext
The encrypted blob is uploaded to our relay. The server has no key. It is holding something it cannot read.
3. Chirp the key
The decryption key is encoded into a 1–2 second sound using ggwave (open-source FSK). In Ultrasound mode this is inaudible to people in the room. The key travels as air pressure — not as a network packet.
4. Decrypt and delete
The receiving device hears the chirp, pulls the blob, and decrypts locally. The relay deletes the blob immediately. All blobs auto-expire after 15 minutes regardless.
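The four steps above can be exercised end to end with the Web Crypto API. This is an added example, not chirpfile's own code: it shows what the relay holds versus what the chirp carries, and that a wrong key or a modified blob fails AES-GCM's tag check. The function names, the 256-bit key size and the IV-prefixed blob layout are assumptions; the page does not specify them.

```javascript
// Added illustration; sealFile/openFile/getCrypto are hypothetical names, not chirpfile's API.
async function getCrypto() {
  // Browsers and recent Node expose Web Crypto globally; older Node needs the import.
  return globalThis.crypto?.subtle ? globalThis.crypto : (await import('node:crypto')).webcrypto;
}

// Step 1: encrypt locally. Returns the blob for the relay and the raw key for the chirp.
async function sealFile(plaintext) {
  const c = await getCrypto();
  // Assumption: 256-bit key. Extractable so the raw bytes can be encoded as sound.
  const key = await c.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = c.getRandomValues(new Uint8Array(12)); // 96-bit nonce, fresh per transfer
  const ct = new Uint8Array(await c.subtle.encrypt({ name: 'AES-GCM', iv }, key, plaintext));
  const blob = new Uint8Array(iv.length + ct.length); // assumed layout: iv || ciphertext+tag
  blob.set(iv, 0);
  blob.set(ct, iv.length);
  const rawKey = new Uint8Array(await c.subtle.exportKey('raw', key)); // never uploaded
  return { blob, rawKey };
}

// Step 4: the receiver combines the blob (from the relay) with rawKey (from the chirp).
async function openFile(blob, rawKey) {
  const c = await getCrypto();
  const key = await c.subtle.importKey('raw', rawKey, { name: 'AES-GCM' }, false, ['decrypt']);
  const pt = await c.subtle.decrypt({ name: 'AES-GCM', iv: blob.slice(0, 12) }, key, blob.slice(12));
  return new Uint8Array(pt);
}

async function demo() {
  const c = await getCrypto();
  const file = new TextEncoder().encode('constructed sample file contents'); // constructed input
  const { blob, rawKey } = await sealFile(file);
  const roundTrip = new TextDecoder().decode(await openFile(blob, rawKey));
  // Holding only the relay copy: a key that was not chirped fails the GCM tag check.
  const wrongKey = c.getRandomValues(new Uint8Array(32));
  const wrongKeyRejected = await openFile(blob, wrongKey).then(() => false, () => true);
  // A relay that alters the stored blob is detected on decrypt as well.
  const tampered = blob.slice();
  tampered[tampered.length - 1] ^= 1;
  const tamperRejected = await openFile(tampered, rawKey).then(() => false, () => true);
  return { roundTrip, blobLength: blob.length, keyLength: rawKey.length, wrongKeyRejected, tamperRejected };
}
```

The blob is 28 bytes longer than the file (12-byte IV plus 16-byte authentication tag); the 32-byte `rawKey` is the only value the acoustic channel has to carry.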
Server breach. The server holds only ciphertext. There is no key stored on our infrastructure. A full database dump gives an attacker nothing usable.
Man-in-the-middle. Because the key never travels over a network, it cannot be intercepted by monitoring Wi-Fi, DNS, or TLS traffic.
Forwardable links. The encrypted blob is deleted after the first download. There is no persistent URL to forward.
Replay attacks. Each transfer uses a fresh key. Old ciphertext cannot be re-decrypted with a new chirp.
Subpoena of our servers. We cannot hand over keys we don't have.
chirpfile is designed for a specific threat: remote attackers. We'd rather be honest about the limits than overclaim.
A microphone physically in the room. If a recording device is present and listening when the chirp plays, it could capture the key. This requires an attacker who is already physically present with you.
A compromised receiving device. Once the file is decrypted on the receiver's machine, what happens to it is beyond our control.
Remote transfers. Practical decode range is under 1 meter in Ultrasound mode. This is not a replacement for secure messaging when both parties are not in the same room.
Encryption: AES-GCM via the Web Crypto API, entirely in-browser. Acoustic encoding: ggwave (MIT license), an open-source FSK library. No proprietary or unaudited cryptography.
Short text under ~120 characters bypasses the relay entirely and is chirped as a direct acoustic payload — nothing is uploaded at all.