{"id":26502711,"url":"https://github.com/mcc/secret-sharing-app","last_synced_at":"2026-04-15T23:31:48.720Z","repository":{"id":283417896,"uuid":"951642678","full_name":"mcc/secret-sharing-app","owner":"mcc","description":"A secure, zero-trust secret-sharing app built with Cloudflare Pages and KV. Features optional E2EE, server-side encryption, auto-expiry with timers, OTP verification, and QR code sharing. Share secrets effortlessly via a sleek UI or API.","archived":false,"fork":false,"pushed_at":"2025-03-20T08:10:40.000Z","size":33,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-07T03:58:05.338Z","etag":null,"topics":["cloudflare","cloudflare-kv","end-to-end-encryption","generated-by-ai","password","secret-sharing","vibe-coding"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mcc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-20T02:27:40.000Z","updated_at":"2025-03-20T08:10:43.000Z","dependencies_parsed_at":"2025-03-20T06:36:58.948Z","dependency_job_id":null,"html_url":"https://github.com/mcc/secret-sharing-app","commit_stats":null,"previous_names":["mcc/secret-sharing-app"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mcc/secret-sharing-app","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcc%2Fsecret-sharing-app","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcc%2Fsecret-sharing-app/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcc%2Fsecret-sharing-app/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcc%2Fsecret-sharing-app/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mcc","download_url":"https://codeload.github.com/mcc/secret-sharing-app/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcc%2Fsecret-sharing-app/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31864980,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-15T15:24:51.572Z","status":"ssl_error","status_checked_at":"2026-04-15T15:24:39.138Z","response_time":63,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","cloudflare-kv","end-to-end-encryption","generated-by-ai","password","secret-sharing","vibe-coding"],"created_at":"2025-03-20T18:24:08.305Z","updated_at":"2026-04-15T23:31:48.703Z","avatar_url":"https://github.com/mcc.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Secret Sharing App\n\nA secure, zero-trust secret-sharing app built with **Cloudflare Pages** and **KV**. Features optional E2EE, server-side encryption, auto-expiry with timers, OTP verification, and QR code sharing. Includes a dark-themed UI and API for effortless secret management.\n\n## Features\n- **UI and API**: Create, retrieve, and remove secrets via a dark-themed web interface or programmatically.\n- **Zero Trust**: Server never sees plaintext secrets; encryption is client-side.\n- **Encryption**: Optional client-side AES-GCM (user password or auto-generated key) + server-side AES-GCM (session key encrypted with master key).\n- **Auto-Expiry**: Options for 5 minutes, 10 minutes, 1 day (default), or 1 week with a countdown timer.\n- **Retrieval Limits**: Configurable max attempts (1-10), with removal option and initial code existence check.\n- **Secret Link**: 6-character short code + 4-digit OTP, with optional 4-character key for non-E2EE secrets.\n- **QR Code**: Generated for easy sharing with clear instructions.\n- **Security**: Autocomplete/autofill disabled for all fields.\n- **Styling**: Dark theme using Tailwind CSS via CDN.\n\n## Prerequisites\n- A Cloudflare account with Pages and KV enabled.\n- Node.js and npm installed locally for development.\n- `wrangler` CLI installed (`npm install -g wrangler`).\n\n## Setup\n\n### 1. Clone the Repository\n```bash\ngit clone \u003crepository-url\u003e\ncd secret-sharing-app\n```\n\n### 2. Install Dependencies\n```bash\nnpm install\n```\n\n### 3. Configure Cloudflare KV\n- In the Cloudflare dashboard, go to **Workers \u0026 Pages \u003e KV**.\n- Create a namespace (e.g., `secrets`).\n- Note the KV namespace ID.\n- Update `wrangler.toml` with the ID:\n  ```toml\n  [[kv_namespaces]]\n  binding = \"SECRETS_KV\"\n  id = \"\u003cyour-kv-namespace-id\u003e\"\n  ```\n\n### 4. Set Up Master Server Key\n- Generate a 256-bit key:\n  ```bash\n  openssl rand -base64 32\n  ```\n  Example output: `X7k9p2mQv8sL4nJ6tR3wY5zA1bC0dE2f`\n- For local dev, add to `.dev.vars`:\n  ```bash\n  echo \"MASTER_SERVER_KEY=X7k9p2mQv8sL4nJ6tR3wY5zA1bC0dE2f\" \u003e .dev.vars\n  ```\n- For production, in Cloudflare Pages, go to **Settings \u003e Environment Variables \u003e Secrets**, add `MASTER_SERVER_KEY`.\n\n### 5. Deploy to Cloudflare Pages\n- Link your repository to Cloudflare Pages via GitHub/GitLab.\n- Or deploy manually:\n  ```bash\n  npx wrangler pages deploy ./public --project-name secret-sharing-app\n  ```\n\n## Development\n\n### 1. Run Locally\n- Start a local dev server:\n  ```bash\n  npx wrangler pages dev ./public --kv SECRETS_KV\n  ```\n- Open `http://localhost:8788` to test the app.\n\n### 2. Test Features\n- **Create a Secret**: Visit `/index.html`, enter a secret, toggle E2EE, set expiry and attempts, and submit. Share the generated link/QR code and OTP.\n- **Retrieve a Secret**: Use the link or go to `/retrieve.html?code=\u003cshort-code\u003e\u0026key=\u003coptional-key\u003e`. Page checks code existence on load; input OTP and (if E2EE) password. View timer and removal option.\n- **Remove a Secret**: After retrieval, click \"Remove Secret\" to delete it from KV.\n\n### 3. Debugging\n- Check logs in the terminal or add `console.log` in Functions and `script.js`.\n\n## Customization\n\n### 1. Modify Expiry Options\n- Edit `public/index.html` to change expiry options:\n  ```html\n  \u003cselect id=\"expiry\" class=\"w-full p-2 border border-gray-600 rounded bg-gray-700 text-gray-100 focus:outline-none focus:ring-2 focus:ring-blue-500\"\u003e\n    \u003coption value=\"300\"\u003e5 Minutes\u003c/option\u003e\n    \u003coption value=\"600\"\u003e10 Minutes\u003c/option\u003e\n    \u003coption value=\"86400\" selected\u003e1 Day\u003c/option\u003e\n    \u003coption value=\"604800\"\u003e1 Week\u003c/option\u003e\n    \u003c!-- Add more options here --\u003e\n  \u003c/select\u003e\n  ```\n\n### 2. Adjust Styling\n- Modify Tailwind classes in `public/index.html` and `public/retrieve.html` via the CDN script (e.g., toggle dark/light theme by removing `dark` class from `\u003chtml\u003e`).\n\n### 3. Change Short Code or Key Length\n- In `functions/api/create.js`, adjust the short code length:\n  ```javascript\n  const code = crypto.randomUUID().slice(0, 8); // Change 6 to desired length\n  ```\n- In `script.js`, adjust the offline key length:\n  ```javascript\n  function generateOfflineKey() {\n    const chars = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\";\n    let key = \"\";\n    for (let i = 0; i = 8; i++) { // Change 4 to desired length\n      key += chars.charAt(Math.floor(Math.random() * chars.length));\n    }\n    return key;\n  }\n  ```\n\n### 4. API Customization\n- Modify responses in `functions/api/create.js`, `functions/api/retrieve.js`, `functions/api/remove.js`, or `functions/api/check.js`.\n\n## Production Use\n\n### 1. Deploy to Production\n- Push changes to your linked Git repository, and Cloudflare Pages will auto-deploy.\n- Or use:\n  ```bash\n  npx wrangler pages deploy ./public --project-name secret-sharing-app\n  ```\n\n### 2. API Usage\n- **Create Secret**:\n  ```bash\n  curl -X POST https://\u003cyour-pages-domain\u003e/api/create \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\"encrypted\": \"\u003cbase64-encrypted-secret\u003e\", \"iv\": \"\u003cbase64-iv\u003e\", \"expiry\": 86400, \"maxAttempts\": 3, \"isE2EE\": true}'\n  ```\n  Response:\n  ```json\n  {\"success\": true, \"code\": \"abc123\", \"otp\": \"4567\"}\n  ```\n\n- **Check Secret Existence**:\n  ```bash\n  curl https://\u003cyour-pages-domain\u003e/api/check?code=abc123\n  ```\n  Response:\n  ```json\n  {\"success\": true, \"message\": \"Secret exists\"}\n  ```\n\n- **Retrieve Secret**:\n  ```bash\n  curl https://\u003cyour-pages-domain\u003e/api/retrieve?code=abc123\u0026otp=4567\n  ```\n  Response:\n  ```json\n  {\"success\": true, \"encrypted\": \"\u003cbase64-encrypted-secret\u003e\", \"iv\": \"\u003cbase64-iv\u003e\", \"attemptsLeft\": 2, \"isE2EE\": true, \"expiry\": 1641234567890}\n  ```\n\n- **Remove Secret**:\n  ```bash\n  curl -X DELETE https://\u003cyour-pages-domain\u003e/api/remove?code=abc123\n  ```\n  Response:\n  ```json\n  {\"success\": true}\n  ```\n\n### 3. Security Considerations\n- Ensure `MASTER_SERVER_KEY` is kept secret and rotated periodically.\n- Use HTTPS (automatic with Cloudflare).\n- Autocomplete/autofill disabled for all fields to prevent browser caching.\n- Monitor KV usage to avoid exceeding free tier limits (100K reads/day).\n- The 4-character offline key is basic; consider increasing length for non-E2EE secrets.\n\n### 4. Scaling\n- For high traffic, consider Cloudflare’s paid KV plans.\n- Optimize QR code generation for performance if needed.\n\n## Project Structure\n```\nmy-secret-app/\n├── functions/\n│   ├── api/\n│   │   ├── create.js      # API to create a secret\n│   │   ├── retrieve.js    # API to retrieve a secret\n│   │   ├── remove.js      # API to remove a secret\n│   │   └── check.js       # API to check secret existence\n├── public/\n│   ├── index.html         # UI for creating secrets\n│   ├── retrieve.html      # UI for retrieving secrets\n│   ├── script.js          # Client-side logic\n├── wrangler.toml          # Cloudflare configuration\n└── package.json           # Dependencies\n```\n\n## License\nMIT License - feel free to use and modify!","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmcc%2Fsecret-sharing-app","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmcc%2Fsecret-sharing-app","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmcc%2Fsecret-sharing-app/lists"}