An open API service indexing awesome lists of open source software.

https://github.com/raullenchai/vnsh

The Ephemeral Dropbox for AI. Host-blind, client-side encrypted sharing for logs, diffs, and images. Vaporizes in 24h.
https://github.com/raullenchai/vnsh

claude cli encryption file-sharing host-blind mcp privacy

Last synced: 4 months ago
JSON representation

The Ephemeral Dropbox for AI. Host-blind, client-side encrypted sharing for logs, diffs, and images. Vaporizes in 24h.

Awesome Lists containing this project

README

          


vnsh logo

vnsh


The Ephemeral Dropbox for AI


Build Status
npm vnsh-cli
npm vnsh-mcp
GitHub Action
License


Website β€’
Quick Start β€’
How It Works β€’
Self-Hosting β€’
API

---

## What is vnsh?


vnsh demo

**Stop pasting walls of text into Claude.** Pipe your logs, diffs, and images into a secure, host-blind URL. The server sees nothing. The data vaporizes in 24 hours.

```bash
# Pipe anything to vnsh, get a secure link
git diff | vn
# https://vnsh.dev/v/aBcDeFgHiJkL#R_sI4DHZ_6jNq6yqt2ORRDe9QZ5xQB6hIRLWHVFa8v8
```

### Handles any context your AI needs:

- πŸ–ΌοΈ **Screenshots** β€” UI bugs, error dialogs, terminal output
- πŸ“œ **Logs** β€” 5000+ lines of server errors (too long for copy-paste)
- πŸ”„ **Git Diffs** β€” Complex PR reviews, multi-file changes
- πŸ“¦ **Binaries** β€” PDFs, CSVs, config files, database dumps
- πŸ”§ **Debug Context** β€” Stack traces, environment dumps, crash reports

## Philosophy

> *"Built for the ephemeral nature of AI workflows. Once your session is done, the data should be too."*

Unlike Dropbox or pastebins, vnsh implements a **Zero-Access Architecture** with automatic vaporization:

| Layer | What Happens |
|-------|--------------|
| **Encryption** | AES-256-CBC encryption happens entirely on your device |
| **Transport** | Decryption keys travel only in the URL fragment (`#secret`) β€” never sent to servers |
| **Storage** | Server stores encrypted binary blobs with zero knowledge of contents |
| **Vaporization** | Data auto-destructs after 24 hours. No history. No leaks. |

## Quick Start

### Option 1: Web Upload

Visit **[vnsh.dev](https://vnsh.dev)**, drag & drop a file, or paste text. Get an encrypted link instantly.

### Option 2: CLI Installation

**NPM** (recommended for Node.js users):
```bash
npm install -g vnsh-cli
```

**Homebrew** (macOS/Linux):
```bash
brew tap raullenchai/vnsh
brew install vnsh
```

**Shell script** (cross-platform: macOS, Linux, WSL, Git Bash):
```bash
curl -sL https://vnsh.dev/i | sh
```

### CLI Usage

```bash
# Upload a file
vn secrets.env

# Pipe from stdin
cat crash.log | vn
docker logs app | vn
git diff HEAD~5 | vn

# Read/decrypt a URL
vn read "https://vnsh.dev/v/aBcDeFgHiJkL#R_sI4DHZ..."

# Custom expiry (1-168 hours)
vn --ttl 1 temp-file.txt # expires in 1 hour

# Show version and help
vn --version
vn --help
```

### Option 3: Claude Code (MCP Integration)

**Native to Claude Code.** Unlike Dropbox, vnsh has a first-party MCP server. Claude can "see" inside your encrypted links without leaving the terminal.

Create `.mcp.json` in your project root:

```json
{
"mcpServers": {
"vnsh": {
"command": "npx",
"args": ["-y", "vnsh-mcp"]
}
}
}
```

Restart Claude Code after adding the config. Now Claude can:
- **Read** vnsh links automatically when you paste them
- **Share** large text outputs via `vnsh_share` tool
- **Share files** (images, PDFs, binaries) via `vnsh_share_file` tool

### Option 4: Zero-Install (Remote Servers)

**No installation needed.** Pipe anything from any server with just `curl` and `openssl`:

```bash
# One-liner: encrypt and upload from any machine
cat error.log | bash <(curl -sL vnsh.dev/pipe)
# https://vnsh.dev/v/aBcDeFgHiJkL#R_sI4DHZ_6jNq6yqt2ORRDe9...

# Works with any command
kubectl logs pod/crash | bash <(curl -sL vnsh.dev/pipe)
docker logs app 2>&1 | bash <(curl -sL vnsh.dev/pipe)
journalctl -u nginx --since "1 hour ago" | bash <(curl -sL vnsh.dev/pipe)

# Custom TTL (hours)
cat secrets.env | bash <(curl -sL vnsh.dev/pipe?ttl=1)
```

Perfect for SSH sessions, CI runners, Docker containers β€” anywhere you can't install tools.

### Option 5: Chrome Extension

**One-click encrypted debug bundles for AI.** Share text, screenshots, and console errors directly from your browser.

- **Right-click** any selected text β†’ **Share via vnsh**
- **`Cmd+Shift+D`** β†’ **AI Debug Bundle** (screenshot + console errors + selected text + URL, all encrypted)
- **Hover** over vnsh links on any page β†’ see decrypted preview tooltip

Build from source or install from the Chrome Web Store (pending review):

```bash
cd extension && npm install && npm run build
# Load dist/ as unpacked extension in chrome://extensions/
```

See [extension/README.md](extension/README.md) for full documentation.

### Option 6: GitHub Action (CI/CD)

**Debug CI failures with Claude in one click.** When your CI fails, automatically upload logs and post a secure link to your PR.

```yaml
- name: Debug with vnsh
if: failure()
uses: raullenchai/upload-to-vnsh@v1
with:
file: test.log
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

The action will post a comment to your PR:

> πŸ” **Debug with Claude**
>
> CI logs uploaded securely. [View Logs](https://vnsh.dev/v/...) | Paste link to Claude for instant analysis

See [upload-to-vnsh](https://github.com/raullenchai/upload-to-vnsh) for full documentation.

## How It Works

```
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ YOUR DEVICE β”‚
β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚
β”‚ β”‚ Data │───▢│ AES-256-CBC │───▢│ Encrypted Blob + URL Fragment β”‚ β”‚
β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ Encryption β”‚ β”‚ https://vnsh.dev/v/id#k=... β”‚ β”‚
β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
β”‚
Only encrypted blob sent to server
(key stays in URL fragment, never transmitted)
β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ VNSH SERVER (BLIND) β”‚
β”‚ β”‚
β”‚ Receives: [encrypted binary blob] β”‚
β”‚ Stores: [encrypted binary blob] β”‚
β”‚ Knows: upload time, size, expiry β”‚
β”‚ Cannot: decrypt, identify content type, read keys β”‚
β”‚ β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
```

### URL Structure (v2 β€” compact format)

```
https://vnsh.dev/v/aBcDeFgHiJkL#R_sI4DHZ_6jNq6yqt2ORRDe9QZ5xQB6hIRLWHVFa8v8jYCFqgQIbsRJrtJze_nL5
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
12-char ID 64-char base64url secret (key+iv, never sent to server)
```

The v2 format reduces URL length by ~40% (from ~160 to ~95 characters). Legacy v1 URLs (`#k=...&iv=...`) are still fully supported.

## Self-Hosting

vnsh runs on Cloudflare Workers with R2 storage. Deploy your own instance:

### Prerequisites
- [Cloudflare account](https://cloudflare.com) with Workers & R2 enabled
- [Wrangler CLI](https://developers.cloudflare.com/workers/wrangler/)

### Deploy

```bash
# Clone the repository
git clone https://github.com/raullenchai/vnsh.git
cd vnsh/worker

# Install dependencies
npm install

# Create R2 bucket
wrangler r2 bucket create vnsh-store

# Deploy
wrangler deploy
```

### Configuration

Edit `wrangler.toml` to customize:

```toml
name = "vnsh"

[[r2_buckets]]
binding = "VNSH_STORE"
bucket_name = "vnsh-store" # Your R2 bucket name

[[kv_namespaces]]
binding = "VNSH_META"
id = "your-kv-namespace-id" # Create with: wrangler kv namespace create VNSH_META
```

## API Reference

### `POST /api/drop`

Upload an encrypted blob.

```bash
curl -X POST https://vnsh.dev/api/drop \
-H "Content-Type: application/octet-stream" \
--data-binary @encrypted.bin
```

**Query Parameters:**
| Parameter | Type | Description |
|-----------|------|-------------|
| `ttl` | number | Time-to-live in hours (1-168, default: 24) |
| `price` | number | Payment required to access (x402 protocol) |

**Response:**
```json
{
"id": "a1b2c3d4-5678-90ab-cdef-1234567890ab",
"expires": "2025-01-25T00:00:00.000Z"
}
```

### `GET /api/blob/:id`

Download an encrypted blob.

```bash
curl https://vnsh.dev/api/blob/a1b2c3d4-5678-90ab-cdef-1234567890ab
```

**Response Codes:**
| Code | Description |
|------|-------------|
| 200 | Success β€” returns encrypted blob |
| 402 | Payment required |
| 404 | Not found |
| 410 | Expired |

### `GET /v/:id`

Web viewer (serves HTML directly to preserve URL fragment with encryption keys).

### `GET /i`

CLI installation script.

### `GET /pipe`

Zero-install pipe upload script. Returns a shell script that encrypts stdin and uploads it.

```bash
cat file.log | bash <(curl -sL vnsh.dev/pipe)
```

Query Parameters:

| Parameter | Type | Description |
|-----------|--------|------------------------------------------|
| `ttl` | number | Time-to-live in hours (1-168, default: 24) |

### `GET /claude`

Claude Code MCP integration installer script.

## Security Model

### What vnsh Protects Against

βœ… **Server Compromise** β€” Even with full server access, attackers cannot decrypt blobs
βœ… **Database Leaks** β€” Stored data is indistinguishable from random noise
βœ… **Traffic Analysis** β€” No content-type information stored
βœ… **Subpoenas** β€” Server operator cannot produce plaintext (doesn't have keys)

### What vnsh Does NOT Protect Against

❌ **URL Sharing** β€” Anyone with the full URL (including `#fragment`) can decrypt
❌ **Client Compromise** β€” Malware on your device can intercept before encryption
❌ **MITM on Upload Page** β€” An attacker serving malicious JavaScript could intercept

### Recommendations

- Use vnsh over HTTPS only
- Don't share full URLs in public channels (Slack, Discord, Twitter)
- For maximum security, self-host the worker

## Project Structure

```
vnsh/
β”œβ”€β”€ worker/ # Cloudflare Worker (storage API + web viewer)
β”‚ β”œβ”€β”€ src/
β”‚ β”‚ └── index.ts # Main worker code
β”‚ └── test/
β”‚ └── api.test.ts
β”œβ”€β”€ mcp/ # MCP Server (Claude Code integration)
β”‚ β”œβ”€β”€ src/
β”‚ β”‚ β”œβ”€β”€ index.ts # MCP tool handlers
β”‚ β”‚ └── crypto.ts # Encryption utilities
β”‚ └── package.json
β”œβ”€β”€ extension/ # Chrome Extension (AI debug sharing)
β”‚ β”œβ”€β”€ src/
β”‚ β”‚ β”œβ”€β”€ lib/ # Shared crypto, API, storage
β”‚ β”‚ β”œβ”€β”€ background/ # Service worker
β”‚ β”‚ β”œβ”€β”€ content/ # Link detector + tooltip
β”‚ β”‚ └── popup/ # Extension popup UI
β”‚ └── tests/
β”œβ”€β”€ cli/
β”‚ β”œβ”€β”€ vn # Bash CLI script
β”‚ β”œβ”€β”€ npm/ # NPM package (vnsh-cli)
β”‚ β”‚ β”œβ”€β”€ src/
β”‚ β”‚ β”‚ β”œβ”€β”€ cli.ts
β”‚ β”‚ β”‚ └── crypto.ts
β”‚ β”‚ └── package.json
β”‚ └── install.sh # Shell installer
β”œβ”€β”€ homebrew-tap/ # Homebrew formula
β”‚ └── Formula/
β”‚ └── vnsh.rb
└── docs/ # Documentation
```

## Packages

| Package | Description | Install |
|---------|-------------|---------|
| [vnsh-cli](https://www.npmjs.com/package/vnsh-cli) | CLI tool | `npm i -g vnsh-cli` |
| [vnsh-mcp](https://www.npmjs.com/package/vnsh-mcp) | MCP server for Claude | `npx vnsh-mcp` |
| [vnsh extension](extension/) | Chrome Extension | [Chrome Web Store](https://chromewebstore.google.com/detail/vnsh) |
| [upload-to-vnsh](https://github.com/raullenchai/upload-to-vnsh) | GitHub Action for CI/CD | `uses: raullenchai/upload-to-vnsh@v1` |
| [homebrew-vnsh](https://github.com/raullenchai/homebrew-vnsh) | Homebrew tap | `brew install raullenchai/vnsh/vnsh` |

## Development

```bash
# Clone
git clone https://github.com/raullenchai/vnsh.git
cd vnsh

# Install dependencies
npm install
cd worker && npm install
cd ../mcp && npm install

# Run tests
npm test # Worker + MCP tests
cd extension && npm test # Extension tests (48 tests, 93%+ coverage)
cd extension && npm run test:cov # Extension tests with coverage

# Start local worker
cd worker && npm run dev

# Build MCP server
cd mcp && npm run build

# Build extension
cd extension && npm install && npm run build
# Load extension/dist/ as unpacked in chrome://extensions/
```

## Contributing

Contributions are welcome! Please read our [Contributing Guide](CONTRIBUTING.md) before submitting a PR.

### Development Workflow

1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Run tests (`npm test`)
4. Commit changes (`git commit -m 'Add amazing feature'`)
5. Push to branch (`git push origin feature/amazing-feature`)
6. Open a Pull Request

## License

MIT License β€” see [LICENSE](LICENSE) for details.

---


The Ephemeral Dropbox for AI. Your context. Your keys. Then it's gone.