Binify is a sovereign, production-ready, privacy-first pastebin application. Built for the modern web with a zero-knowledge architecture, ensuring that your secrets remain yours — even from the server hosting them.
In an era of mass surveillance and data breaches, Binify provides a secure haven for your code, notes, and secrets.
- 🔒 Zero-Knowledge Architecture: All encryption and decryption happen in your browser. The server never sees your plaintext content or your encryption keys.
- ⚡ High Performance: Built with Next.js 15, Turso (libSQL), and Upstash Redis for sub-millisecond metadata lookups.
- 🛡️ Military Grade Security: Implements AES-256-GCM encryption with optional PBKDF2 key derivation (100,000 iterations).
- 🔓 Fully Open Source: Audit the code, host it yourself, and contribute to a more private web.
- Client-Side Encryption: AES-256-GCM performed locally before transmission.
- Key Isolation: Encryption keys are stored in the URL fragment (
#), which browsers never send to the server. - Self-Destruct (Burn-after-read): Cryptographically purge data immediately after the first view.
- Granular Expiration: Set pastes to expire after 5 minutes, 30 days, or a specific number of views.
- Password Protection: An extra layer of derivation to protect ultra-sensitive content.
- Manual Revocation: Purge your content at any time using a private administrative token.
- Link Rotation: Instantly change the public URL of your paste while keeping the underlying data intact.
- High-Fidelity Markdown: Full GFM support including tables, task lists, and sanitized HTML.
- Rich Syntax Highlighting: Industry-standard highlighting for 20+ programming languages.
- Infinite Payload Support: Optimized for large pastes up to 4MB with smooth internal scrolling.
- Link Management Terminal: Dedicated
/revokeinterface that accepts both raw IDs and full sharing URLs. - QR Code Sharing: Securely share pastes to mobile devices via instant QR generation.
- Premium Aesthetic: A glassmorphic, terminal-inspired UI designed for modern developers.
- Framework: Next.js 15 (App Router)
- Database: Turso (Edge SQLite)
- Cache/Storage: Upstash Redis
- Styling: Tailwind CSS + Framer Motion
- Cryptography: Web Crypto API (Browser Native)
- Smooth Scrolling: Lenis
- Icons: Lucide React
- Creation: Browser generates a random 256-bit key → Encrypts data → Sends blob to server.
- Key Storage: The access key is appended to the URL as a fragment:
https://binify.io/p/abc#KEY. - Retrieval: Browser parses the
#KEYlocally → Fetches the blob → Decrypts inside the client. - Administrative Controls: Upon creation, the user receives a unique Deletion Token for life-cycle management.
Binify separates Access from Control to maximize sovereignty:
- The #Fragment (Access): Used only for decryption. It is never transmitted to the network.
- The Deletion Token (Control): used to verify authority during revocation or rotation. It resides in the database metadata layer but grants no access to the content.
git clone https://github.com/instax-dutta/binify.git
npm install
npm run devCreate a .env.local file with the following:
TURSO_DATABASE_URL=libsql://...
TURSO_AUTH_TOKEN=...
UPSTASH_REDIS_REST_URL=...
UPSTASH_REDIS_REST_TOKEN=...
NEXT_PUBLIC_APP_URL=http://localhost:3000curl -X POST http://localhost:3000/api/initWe welcome contributions from the community! Whether it's a bug fix, new feature, or documentation improvement, please feel free to open a Pull Request.
- Fork the repository.
- Create a feature branch:
git checkout -b feature/name - Commit your changes:
git commit -m 'Add some feature' - Push to the branch and open a PR.
Built with ❤️ by sdad.pro — Securing the web, one paste at a time.