SGraph Send encrypts your files in your browser before they ever leave your device. The decryption key stays with you. The server stores only encrypted bytes it cannot read. Here is how it works.
You pick a file
Open send.sgraph.ai and drop a file onto the upload page, or click to browse. The file sits in your browser's memory. Nothing has been sent anywhere.
Your browser encrypts it
When you click "Encrypt & Upload," your browser generates a fresh 256-bit encryption key using the Web Crypto API — a standard built into every modern browser. The file is encrypted with AES-256-GCM, a symmetric cipher that provides both confidentiality and integrity. The plaintext never touches the network.
The encrypted blob is uploaded
The server receives an opaque binary blob — encrypted bytes that it cannot read. It stores the blob along with minimal metadata: a hashed version of your IP address, a timestamp, and the file size. It does not receive the file name, the decryption key, or any indication of what the file contains.
You share the link and the key separately
After upload, you receive two things:
- A download link — points to the encrypted file on the server
- A decryption key — exists only in your browser
For best security, share these via different channels. Send the link by email. Send the key by Signal, WhatsApp, or a text message. If someone intercepts one channel, they get something useless without the other half.
The recipient decrypts in their browser
Your recipient opens the download link, pastes the decryption key, and clicks "Download & Decrypt." Their browser fetches the encrypted blob from the server, decrypts it locally using the Web Crypto API, and saves the original file. The server was a delivery mechanism for data it could not read.
The key stays with you
The decryption key is generated in your browser and never transmitted to the server. The server receives and stores an encrypted blob. Without the key, that blob is computationally useless — AES-256 has 2^256 possible keys, a number larger than the estimated atoms in the observable universe.
A full server compromise — every Lambda function, every S3 bucket, every log file — yields encrypted data that cannot be decrypted. This is the “zero-knowledge” guarantee: the server has zero knowledge of your file content, by construction.
Channel separation
The security tip displayed after upload — “share the link and the key via different channels” — is the most important operational practice:
- An attacker who compromises your email gets a link to ciphertext they cannot read.
- An attacker who compromises your messenger gets a key with nothing to apply it to.
- Only an attacker who compromises both channels simultaneously can access the file.
This is a meaningful upgrade over the common practice of sending a file and its password in the same email thread.
No silent corruption
AES-256-GCM includes a built-in authentication tag. If even a single bit of the encrypted data is altered, decryption fails entirely with a clear error message — rather than producing a corrupted file. You either get the exact original, or you get a clear failure. Never silent corruption.
Want to try it? Visit send.sgraph.ai — no account required.