Locker

Next.js 15
React 19
TypeScript
Tailwind CSS
PostgreSQL
Prisma
Redis
Zustand
Zod
better-auth

Locker lets you share sensitive information through encrypted, one-time links that automatically destroy themselves after being read. Built with a zero-knowledge architecture — secrets are encrypted in the browser before they ever reach the server, so no one but the intended recipient can read them. It uses AES-256-GCM encryption via the Web Crypto API entirely client-side, with the decryption key living only in the URL fragment. Features include configurable TTL (1 minute to 7 days), optional password protection with brute-force lockout, account-bound ownership with instant revocation, a secret management dashboard, rate limiting via Upstash, audit logging, and automated cron-based cleanup of expired secrets.

Features

  • End-to-end encryption — AES-256-GCM via Web Crypto API, entirely client-side
  • Zero-knowledge architecture — server only stores ciphertext; decryption key never leaves the URL fragment
  • Burn after reading — secrets are permanently destroyed after a single view
  • Configurable TTL — expiration from 1 minute to 7 days, auto-purged on expiry
  • Password protection — optional passphrase with brute-force lockout and auto-destruction
  • Account-bound ownership — every secret tied to your account with instant revocation from the dashboard
  • Secret management dashboard — view, copy, and revoke active secrets in one place
  • Rate limiting — API-level protection via Upstash rate limiter
  • Audit logging — all key actions (create, view, delete, cleanup) are logged for traceability
  • Automated cleanup — cron-based purge of expired secrets
  • Input validation — strict schema validation with Zod on all endpoints
  • Fully responsive UI — clean, minimal design that works on all devices