Show HN: Stasher – Burn-after-read secrets from the CLI, no server, no trust
17 days ago
- #encryption
- #security
- #cli
- Stasher is a command-line tool for secure, ephemeral secret sharing.
- It is designed for people who are busy, paranoid, or both.
- Stasher uses zero-knowledge encryption (AES-256-GCM) done locally.
- Secrets are burn-after-read, meaning they are deleted after one use.
- The tool is CLI-first, allowing for piping, scripting, and automation.
- No setup is required; it can be run with npx.
- Secrets have a 10-minute expiry with proactive and reactive cleanup.
- Stasher provides full supply chain transparency with signed releases and attestations.
- It supports sharing secrets via strings, files, or stdin.
- Stasher is powered by Cloudflare Edge for security.
- The backend is built with Cloudflare Workers and Durable Objects.
- Stasher started as a personal project and evolved into a zero-trust tool.