Writing purely.

scrut.ch is a non-bloated, secure editor with only one main feature: writing. Together with others or in private. You wouldn’t know you missed it, until you’ve tried it.


No features … almost

scrut.ch has no shiny features. That’s what it’s all about. So rather than bragging about what it can, let’s summarize what it’s missing:

We’ve put together a couple of short videos on our YouTube channel to introduce some of the hidden gems of scrut.ch. And now find out, why not having all of this is enough to have and start from.scrut.ch.

Free like in ’free beer‘

Why should one charge for an editor without significant features, right? So no reason for scrut.ch not to be free of charge. If the dire situation of needing money arose one day, we’ll think of something.

However, if you feel generous today, why not just give money without someone asking for it. There are options for donations.

Encrypted? Yes. End-to-end? Sure.

Everything you enter from.scrut.ch is encrypted before it leaves your device. The only place, where the cleartext of your contents exists, is right on your device(s). This is how it works:

After starting from.scrut.ch your client generates two random values:

The slug:
The encryption key:

The slug is unique and identifies your Scrutch. It is part of of the public URL. The encryption key is used to encrypt and decrypt any contents. There is no real owner of a Scrutch. Anyone having both public URL and encryption key is able to read and write.

How sharing works

The encryption key is stored exclusively on the client. If you want to share your Scrutch, we recommend sending public URL and encryption key over different channels. However, you may append the encryption key to the public URL of your Scrutch, which gives you the private URL.

Public URL Private URL


In a private URL the encryption key is part of the URL and therefore gives the recipient instant access to your Scrutch. The key is appended via hash and therefore not part of the HTTP request browsers send over the network. This ensures the key never leaves the device it’s shared with.

These are the basics of the encryption of scrut.ch. If you’re eager to dive deeper into the crypto being used behind the curtains, there’s a more detailed description in the Q&As down below.

Questions & answers

Is scrut.ch truly free of charge? Any catches?

Right now it is. And as long as we can afford to run the servers, there will always be a free version of scrut.ch. There might be some paid bells and whistles in the future. But what’s there right now, will be there for free in the future.

Supporting our work on a voluntary basis via donation would mean a lot, though.

How confidential are my texts? How secure is scrut.ch?

Very confidential. And pretty secure. Every time you create a new Scrutch, a random key is being generated by your device. This key is used to encrypt everything you type before it leaves the client. The key is different for each Scrutch and exclusively stored on the devices it is shared with. It is never sent to our (or third-party) servers.

Okay, and how exactly does scrut.ch encrypt my texts?

scrut.ch uses client-side symmetric encryption utilizing the Advanced Encryption Standard (AES) with a 256-bit key derived from the encryption key (passphrase) of each Scrutch. The key derivation function is PBKDF2 with a thousand iterations. The library used to perform the heavy crypto lifting in the background is CryptoJS.

I want more details.

Sure! The key derived from each Scrutch’s encryption key isn’t the actual key used to encrypt/decrypt the contents. It’s rather the key to encrypt/decrypt the actual encryption key. Why so complicated? This ensures the actual key used to encrypt/decrypt your contents stays the same, even if you decided to change the encryption key of your Scrutch. This isn’t possible right now, but may be in the future. If it wouldn’t stay the same, we would have to decrypt and re-encrypt all your contents after every passphrase change.

So what’s stored on your servers, then?

Legit question. For each Scrutch the server knows the following:

  • Its slug as clear text. Used to identify and find a Scrutch.
  • The SHA3 hash of the Scrutch’s encryption key. Used to permit access only for people having the matching encryption key.
  • The AES-encrypted lower level encryption key. Used to encrypt/decrypt the contents of the Scrutch. Can be decrypted using the key derived from the Scrutch’s encryption key.
  • A checksum of the content. Since the server cannot read to contents of your Scrutch, the checksum is used to detect changes.
  • A timestamp of the last change. Used to detect whether there is a newer version of the content on the server than on your client(s).
  • The encrypted content. Binary gibberish only decryptable by your devices.

I wanna know moar!!!

Come on, give me a break! If you’re curious and/or an expert on cryptography, take a look at the crypto component of scrut.ch, which will be released on GitHub, soon. If you found any mistakes or weird stuff in our crypto, please tell us before going public to give us the chance to fix it asap: hello@scrut.ch

I lost my encryption key. How can I recover it?

Hold on to something … you can’t. That’s the beauty of encryption. The encryption key of a Scrutch never leaves your device(s). So, if you lost access to it, we cannot restore it. Without it, your Scrutch content is just binary gibberish. Try to remember if you shared your Scrutch with another device. It may be still there, including the decryption key.

Can I format my texts? Any hidden features?

scrut.ch uses Markdown to highlight texts and derive certain information from it (the title, for instance). We’re working on a guide to get you started. In the meantime, take a look at the basic syntax of Markdown and our YouTube channel, which introduces some not-so-obvious features like task lists.

Are there mobile apps for Android/iOS/Nokia 3310?

As of now, we do not plan to develop any native apps. This would mean a lot of extra work. We firmly believe in web technology.

This is why scrut.ch offers active progressive web app (PWA) and offline support. We recommend installing scrut.ch as PWA on your mobile devices, including tablets. It’s easy and natively supported by the operating system. There is more than one article on how to install a PWA on Android and iOS.

Does scrut.ch offer spell/grammar checking?

This is sad, but currently it doesn’t. Even sadder: It won’t happen soon.

Spell and grammar checking usually means sending your text to a third-party service which specializes on these things. One of the downsides of end-to-end encryption is that it doesn’t make sense to send your unencrypted content to other parties. So spell checking would have to take place on your client and only on your client. And here we’re talking about a whole domain of challenges. A domain different to the core of scrut.ch.

So we recommend using the built-in spell checker of your browser or install an appropriate extension. Do keep in mind, that many tools (especially grammar checkers) send your inputs to their servers. If you don’t mind that, go for it or choose an extension that works locally, only.

Can I install scrut.ch on my own server? Is it open-source?

Since scrut.ch is a truly end-to-end encrypted service, there are no real benefits of hosting your own instance.

It’s not decided yet, whether to open-source scrut.ch’s client and server applications. We believe open-source projects should adhere to certain standards and be provided it in a proper and well documented way. This would require quite some extra time, which – as of now – is rather spent on improving user experience and stability.

However, we’re working on bundling all the encryption related code into a package library for everyone to use and verify. Check our official GitHub presence or follow us on Twitter to get updated about this.

If you’re an organization and want to use it with your own branding or within an intranet, feel free to reach out, and we’ll try to find a way: hello@scrut.ch

What’s the difference between scrut.ch and Scrutch?

scrut.ch is the service. A Scrutch is a single text/note written with scrut.ch. Genius, right?

Are you from Switzerland?

Nope, I’m not. Start from.scrut.com wouldn’t have looked that nice and (from.)scrat.ch was already taken. If you’re the owner of scrat.ch, please do get in touch if you want to donate your domain. 😘

Any yet unanswered questions on your mind? Please do ask: @scrut_ch or hello@scrut.ch