Encrypted? Yes. End-to-end? Sure.
Everything you enter from.scrut.ch is encrypted before it leaves your device. The only place, where the clear text of your contents exists, is right on your device(s). This is how it works:
After starting from.scrut.ch your client generates two random values:
- The slug:
- xASjANwR
- The encryption key:
- yFrI-Z3Jh-6GvV-xJ4q-ZH7o-UwmM-oOtT-tpKT
The slug is unique and identifies your text. It is part of of the public URL. The encryption key is used to encrypt and decrypt any contents. There is no real owner of a text. Anyone having both public URL and encryption key is able to read and write.
How sharing works
The encryption key is stored exclusively on the client. If you want to share a text, we recommend sending public URL and encryption key over different channels. However, you may append the encryption key to the public URL of your text, which gives you the private URL.
Public URL Private URL
https://from.scrut.ch/xASjANwR#yFrIZ3Jh6GvVxJ4qZH7oUwmMoOtTtpKT
In a private URL the encryption key is part of the URL and therefore gives the recipient instant access to your text. The key is appended via hash and therefore not part of the HTTP request browsers send over the network. This ensures the key never leaves the device it’s shared with.
These are the basics of the encryption of scrutch. If you’re eager to dive deeper into the crypto being used behind the curtains, there’s a more detailed description in the FAQ down below.