Writing purely.

scrut.ch is a non-bloated, secure editor with only one main feature: writing. Together with others or in private. You wouldn’t know you missed it, until you’ve tried it.

from.scrut.ch

No features … almost

scrut.ch has no shiny features. That’s what it’s all about. So rather than bragging about what it can, let’s summarize what it’s missing:

  • No sign-up, or login or cookies
  • No Rich-Text-Editor, no WYSIWYG
  • No pricing, no ads, no tracking
  • No server-side knowledge of your contents
  • No images, no files
  • No themes, no templates
  • No apps. Just browser and PWA
  • No folders, no hashtags
  • No clutter, pure focus

Find out, why not having all of this is enough to have. Try it out and start from.scrut.ch.

Free like in ’free beer‘

Why should one charge for an editor without significant features, right? So no reason for scrut.ch not to be free of charge. If the dire situation of needing money arose one day, we’ll think of something.

However, if you feel generous today, why not just give money without someone asking for it. There are options for donations.

Encrypted? Yes. End-to-end? Sure.

Everything you enter from.scrut.ch is encrypted before it leaves your device. The only place, where the cleartext of your contents exists, is right on your device(s). This is how it works:

After starting from.scrut.ch your client generates two random values:

The slug:
xASjANwR
The encryption key:
yFrI-Z3Jh-6GvV-xJ4q-ZH7o-UwmM-oOtT-tpKT

The slug is unique and identifies your Scrutch. It is part of of the public URL. The encryption key is used to encrypt and decrypt any contents. There is no real owner of a Scrutch. Anyone having both public URL and encryption key is able to read and write.

How sharing works

The encryption key is stored exclusively on the client. If you want to share your Scrutch, we recommend sending public URL and encryption key over different channels. However, you may append the encryption key to the public URL of your Scrutch, which gives you the private URL.

Public URL Private URL

https://from.scrut.ch/xASjANwR#yFrIZ3Jh6GvVxJ4qZH7oUwmMoOtTtpKT

In a private URL the encryption key is part of the URL and therefore gives the recipient instant access to your Scrutch. The key is appended via hash and therefore not part of the HTTP request browsers send over the network. This ensures the key never leaves the device it’s shared with.

These are the basics of the encryption of scrut.ch. If you’re eager to dive deeper into the crypto being used behind the curtains, there’s a more detailed description in the Q&As down below.

Questions & answers

Is scrut.ch truly for free? Any catches?

Right now it is. And as long as we can afford to run the servers, there will always be a free version of scrut.ch. There might be some paid bells and whistles in the future. But what’s there right now, will be there for free in the future. There are options for donations, if you want to support scrut.ch voluntarily.

How confidential are my texts? How secure is scrut.ch?

Very confidential. And pretty secure. Every time you create a new Scrutch, a random key is being generated by your device. This key is used to encrypt everything you type before it leaves the client. The key is different for each Scrutch and exclusively stored on the devices its shared with. It is never sent to our (or third-party) servers.

Okay, and how exactly does scrut.ch encrypt my texts?

scrut.ch uses client-side symmetric encryption utilizing the Advanced Encryption Standard (AES) with a 256 bit key derived from the encryption key (passphrase) of each Scrutch. The key derivation function is PBKDF2 with a thousand iterations. The library used to perform the heavy crypto lifting in the background is CryptoJS.

I want more details.

Sure! The key derived from each Scrutch’s encryption key isn’t the actual key used to encrypt/decrypt the contents. It’s rather the key to enrypt/decrypt the actual encryption key. Why so complicated? This ensures the actual key used to encrypt/decyrpt your contents stays the same, even if you decided to change the encryption key of your Scrutch. This isn’t possible right now, but may be in the future. If it wouldn’t stay the same, we would have to decrypt und re-encrypt all your contents after every passphrase change.

So what’s stored on your servers then?

Legit question. For each Scrutch the server knows the following:

  • Its slug as clear text. Used to identify and find a Scrutch.
  • The SHA3 hash of the Scrutch’s encryption key. Used to permit access only for people having the matching encryption key.
  • The AES-encrypted lower level encryption key. Used to encrypt/decrypt the contents of the Scrutch. Can be decrypted using the key derived from the Scrutch’s encryption key.
  • A checksum of the content. Since the server cannot read to contents of your Scrutch, the checksum is used to detect changes.
  • A timestamp of the last change. Used to detect whether there is a newer version of the content on the server than on your client(s).
  • The encrypted content. Binary gibberish only decryptable by your devices.

I wanna know moar!!!

Come on, give me a break! If you’re curious and/or an expert on cryptography, take a look a the crypto compontent of scrut.ch, which will be released on GitHub, soon. If you found any mistakes or weird stuff in our crypto, please tell us before going public to give us the chance to fix it asap: hello@scrut.ch

I lost my encryption key. How can I recover it?

Hold on to something … you can’t. That’s the beauty of encryption. The encryption key of a Scrutch never leaves your device(s). So, if you lost access to it, we cannot restore it. Without it, your Scrutch content is just binary gibberish. Try to remember if you shared your Scrutch with another device. It may be still there, including the decryption key.

Are my texts stored forever?

Simple answer: yes. Honest answer: in most cases. Since scrut.ch is a free service, we like to keep data trash at a minimnum. So from time to time, we may delete Scrutches which we consider unused over a very long period of time. But no reason to worry! We’re talking very long periods and we’ll think twice before doing so.

What’s the difference between scrut.ch and Scrutch?

scrut.ch is the software. A Scrutch is a single text/note written with scrut.ch. Genius, right?

Are you from Switzerland?

Hehe, nope, I’m not. However, start from.scrut.com wouldn’t have looked that nice, would it?

Any yet unanswered questions on your mind? Please do ask: @scrut_ch or hello@scrut.ch