An end-to-end encrypted pastebin that encrypts content in the browser using XChaCha20-Poly1305 and Argon2id before upload. The decryption key stays in the URL fragment and never reaches the server, with no opt-out: every paste is always encrypted.
paaster
Open Source Web Self-Hosted Encrypted
Official website paaster.io
Our take
paaster takes the same zero-knowledge approach as PrivateBin but builds on more modern primitives: libsodium’s XChaCha20-Poly1305 secretstream with Argon2id key derivation, the same stack as VERNAM. Encryption is not a mode to enable - it is the only mode. Paste history, delete-after-view, and QR sharing are built in, and the project deliberately avoids dynamically loaded third-party scripts. It is a smaller, younger project than PrivateBin with fewer public instances; self-hosting is the most reliable path. A solid choice for anyone who wants the strongest available browser-side encryption on their pastes.
GitHub at a glance
WardPearce/paaster
Stars
544
Last commit
5d ago
healthy
License
AGPL-3.0
Latest release
v3.2.2
1mo ago
Listed in
paaster alternatives
PrivacyNotes Zero-knowledge notes, tasks, and journal secured by a single 12-word recovery phrase, with no email or password required. The crypto core and database schema are published for audit.
PrivateBin A minimalist open-source pastebin where the server has zero knowledge of pasted data. Content is encrypted and decrypted entirely in the browser using 256-bit AES-GCM before anything touches the server, with the decryption key stored only in the URL fragment.