Skip to content

Encrypt in the Browser

The web interface can encrypt and decrypt files directly in your browser (/encrypt). The operation runs client-side — for the zero-knowledge paths the server never receives your plaintext or your private key.

Encrypt and decrypt panel in the web interface Encrypt and decrypt panel in the web interface

Encrypting for a recipient

Enter a recipient’s email and the interface looks up their public key via CKD and encrypts so only they can open the result — the same flow as mdstn-cipher encrypt --for <email> on the CLI.

Recipient lookup by email via CKD Recipient lookup by email via CKD

Decrypting

Drop a .mdstn file to decrypt it; the method is auto-detected from the file header, exactly as with the CLI. Decryption of zero-knowledge files happens in the browser using your unwrapped key.

Files are cross-surface compatible: a .mdstn produced in the browser decrypts with the CLI (and vice versa).