Filarr Send
End-to-end encrypted file sharing. The server sees nothing.
Send any file to anyone. Encryption happens in your browser, the key is placed in the URL and never reaches our servers.
Two ways to share
Same crypto, two usage contexts. Pick the one that fits your need.
Filarr Send (web)
filarr.com/send
Anonymous, no account, no install. Drop a file in the browser, share the generated URL. Perfect for one-off sends to someone who doesn't have Filarr.
- No account creation
- Up to 2 GB per file
- Max 7-day expiry
- Up to 10 downloads per link
- 3 concurrent active shares per IP
Share from Filarr (desktop)
Filarr → right-click → Share via link
From your local vault: right-click any file, configure share options, copy the URL. More control, download history, revocation at any time.
- From your existing encrypted vault
- Up to 50 GB per file (Pro)
- Expiry up to 1 year (Pro)
- Manual revocation at any time
- Download history (country + /16 subnet)
- "One download per IP" option
How it works
The full pipeline, from file selection to decryption at the recipient.
- 1
Key generation
Your browser generates a random 32-byte key (K_share). It never leaves your machine in transmissible form — it's base64url-encoded and placed in the URL fragment (#k=…).
- 2
Local encryption
The file is split into 16 MB chunks, each encrypted with AES-256-GCM via WebCrypto. The server never sees the plaintext, never the file name (the manifest is encrypted separately).
- 3
Ciphertext upload
Only ciphertext leaves for our servers (Cloudflare R2). If you enable a password, a random salt is stored server-side — the derived key via HKDF-SHA-256, never the password in plain text.
- 4
Decryption at the recipient
When opening the URL, the recipient's browser extracts the key from the fragment (#k=…), downloads the encrypted chunks, and decrypts them locally. The Filarr server only sees opaque requests for opaque ciphertext.
Security, no trust required
Even if our servers are fully compromised, your files stay unreadable. That's what "zero-knowledge" means.
The key never reaches the server
Placed in the URL fragment (the part after #). RFC 3986 guarantees browsers never transmit the fragment to the server — even our HTTP logs see nothing.
Authenticated AES-256-GCM
NIST standard algorithm. GCM mode protects both confidentiality AND integrity (a modified chunk fails to decrypt). Implemented via the browser's native WebCrypto API.
Password via HKDF-SHA-256
If you add a password, the real decryption key is derived via HKDF(K_share + password, salt). Brute-force costly on the attacker side, and the server sees neither the password nor the derived key.
Open source
Filarr is published under BSL 1.1. You can audit the client, the worker, the D1 migrations, the encryption pipeline. It's all on GitHub — no black box.
Web vs Desktop, in detail
| Feature | Web (anonymous) | Desktop (with account) |
|---|---|---|
| Account required | No | Yes |
| Max file size | 2 GB | 1 GB (Free) / 10 GB (Solo) / 50 GB (Pro) |
| Max expiry | 7 days | 14d (Free) / 90d (Solo) / 1 year (Pro) |
| Concurrent active shares | 3 / IP | 10 (Free) / 100 (Solo) / unlimited (Pro) |
| Max downloads | 10 | 50 (Free) / 1000 (Solo) / unlimited (Pro) |
| Optional password | Yes | Yes (Solo & Pro) |
| Manual revocation | No | Yes |
| Download history | No | Yes (country + /16 subnet) |
| "One download per IP" | No | Yes |
| E2EE encryption | AES-256-GCM | AES-256-GCM (same) |
Try it now. No account required.
Filarr Send runs in your browser. Drop a file, copy the link, share it. That's it.