Show HN: Stasher – Burn-after-read secrets from the CLI, no server, no trust https://ift.tt/yfXcaxt

Show HN: Stasher – Burn-after-read secrets from the CLI, no server, no trust Stasher is a tiny CLI tool that lets you share encrypted secrets that burn after reading — no accounts, no logins, no servers to trust. I built it because I just wanted to share a password. Not spin up infra. Not register for some "secure" web app. Not trust Slack threads. Just send a secret. Secrets are encrypted client-side with AES-256-GCM. You get a `uuid:key` token to share. Once someone reads it, it's gone. If they don't read it in 10 minutes, it expires and deleted. Everything is verifiable. Every release is signed, SLSA-attested, SBOM-included, and logged in the Rekor transparency log. Every line of code is public. There's also a browser-based companion: https://app.stasher.dev — works in a sandboxed popup using the same encrypted model. Share from the terminal, pick up in the browser. No data stored unencrypted. No metadata. No logs. No surveillance. --- GitHub (CLI): https://ift.tt/9MktuDT GitHub (App): https://ift.tt/rql1Rn7 API (Cloudflare Worker): https://ift.tt/Qpo8h2M CI/CD (Open): https://ift.tt/oLOXJGQ NPM: https://ift.tt/MQVoReh Website: https://stasher.dev Browser App: https://app.stasher.dev (runs in sandbox from https://dev.stasher ) Built with Cloudflare Workers, KV, and Durable Objects. All code open, auditable, and signed. Try it: ```bash npx enstash "vault code is 1234#" npx destash "uuid:base64key" thanks for reading https://ift.tt/9MktuDT August 7, 2025 at 04:48AM