Private alternatives to Pastebin, GitHub Gist, vetted against our public criteria.
Zero-knowledge notes, tasks, and journal secured by a single 12-word recovery phrase, with no email or password required. The crypto core and database schema are published for audit.
A minimalist open-source pastebin where the server has zero knowledge of pasted data. Content is encrypted and decrypted entirely in the browser using 256-bit AES-GCM before anything touches the server, with the decryption key stored only in the URL fragment.
An end-to-end encrypted pastebin that encrypts content in the browser using XChaCha20-Poly1305 and Argon2id before upload. The decryption key stays in the URL fragment and never reaches the server, with no opt-out: every paste is always encrypted.
A pastebin is the quickest way to share a snippet of code, a log, or a block of text. The mainstream ones can read everything you paste. These encrypt the content in your browser first, so the server only ever stores an unreadable blob.
The one feature that matters is end-to-end encryption: the paste should be encrypted in your browser before upload, with the key kept in the link and never sent to the server. Self-hostable and open source are strong pluses, along with expiring pastes and optional password protection.
With a standard pastebin the operator can read, index, and hand over anything you post, and people paste far more sensitive things than they realise: API keys, internal logs, personal details. Client-side encryption takes the operator out of the trust equation, because they hold only an unreadable blob.
Use a zero-knowledge pastebin for anything you would not post publicly, set a short expiry, and share the full link privately. For a team, self-host one so the data stays on infrastructure you control.