// about
The pastebin that can't read your pastes.
h4Bin is a zero-knowledge, zero-server pastebin. Your paste is compressed and encrypted inside your browser, and the encrypted result becomes the link itself. There is no database to breach, no account to compromise, and no operator to subpoena — because nothing is ever uploaded.
How it works
Encrypted in your tab
Your text is deflate-compressed and sealed with AES-256-GCM using the browser's native WebCrypto and a freshly generated 256-bit key. Optionally, a password is mixed into the key derivation (PBKDF2, 600,000 rounds).
The link is the paste
The ciphertext and key are encoded into the part of the URL after # — the
fragment. Browsers never send fragments in HTTP requests, so the paste physically cannot
reach any server, including ours.
Decrypted only by holders
Anyone who opens the link decrypts it locally in their own browser. No link, no paste. No password (when set), no paste — even with the link in hand.
Why you can trust it
- Fully open source. Every line that touches your data is public at github.com/h4rithd/h4bin — and the design stays secure even with the source in an attacker's hands, because the only secrets are the keys minted in your browser.
- Native cryptography only. Encryption and key derivation use the browser's built-in WebCrypto — there is no third-party crypto library to backdoor.
-
No exfiltration path. The site ships a Content-Security-Policy with
connect-src 'none': even if malicious code somehow ran here, the browser would refuse to let it phone home. - No accounts, no cookies, no analytics. There is nothing to track you with, and nothing worth stealing.
How it compares
| Encryption | Where pastes live | Can the operator read them? | |
|---|---|---|---|
| Pastebin.com | none | their database | yes — and so can scrapers |
| GitHub Gist ("secret") | none | GitHub's database | yes |
| PrivateBin | AES-256-GCM, client-side | a server (ciphertext) | no — but you must trust an instance |
| NoPaste | compression only | the link | no server — but anyone with the link reads it in plain |
| h4Bin | AES-256-GCM + optional password | the link (ciphertext) | no — there is nothing to read, anywhere |
Questions people ask
Can you recover a paste if I lose the link?
No. The link is the only copy of both the data and the key. This is not a policy — it is physics. Losing the link means the paste is gone.
Can you delete a paste for me?
There is nothing to delete — no copy exists outside the links people hold. To "delete" a paste, delete the link everywhere it was shared. For time-boxed sharing, set an expiry before minting (see how expiry works).
Is there a size limit?
The practical limit is how long a URL your sharing channel tolerates. The editor shows a live estimate: under ~2,500 characters fits everywhere, and the meter warns you as links get harder to share. Compression usually shrinks code by 3–4×.
What does a password add?
Without one, anyone holding the link can decrypt. With one, the password is mixed into the key derivation — a link interceptor faces 600,000 PBKDF2 iterations per guess, offline, with no server to help them.
Can I self-host it?
Yes — it is a static site. Fork the repository, deploy to any static host, done. Links are portable across instances because the format is versioned and documented.
— built and maintained by h4rithd · MIT licensed