Quick answers
The questions we hear most often.
Do I need an account to send a one-time link?
+
No. Anonymous use is supported and free. Accounts only unlock history, notifications, and team features.
Can Sealed read my secret if it wanted to?
+
No. The encryption key never reaches our servers. We only store ciphertext. Even our engineers operating the database cannot decrypt your secret — there's no key to use.
What happens if I lose the link?
+
It's gone. There is no recovery flow. Re-create the secret and send a new link.
What happens if someone intercepts the link?
+
Anyone with the full link can view the secret once (or up to your view limit). Share links through secure channels (Signal, encrypted email, direct DM). For extra safety, add a password to the link and share the password separately.
Why does the link have a # in it?
+
The encryption key lives after the # symbol — that part of a URL is called the 'fragment.' Browsers never send fragments to servers, so the key stays on the client. It's a 30-year-old web feature that's the cleanest way to keep us from ever seeing the key.
How long do links last?
+
Default is 7 days. You can set 1 hour, 1 day, 7 days, or 30 days at creation time. After expiry the row is deleted regardless of view count.
Can I see who viewed my secret?
+
On the Pro and Business plans, yes — you'll get an email/Slack/webhook notification when the link is consumed. The Free tier deliberately doesn't track this.
Where are servers hosted?
+
We run on Vercel's global edge with primary storage in EU-region data centers, which keeps GDPR-aligned customers in compliance.
Is the source code open?
+
Core encryption logic is auditable at /source so security teams can verify the zero-knowledge claim independently.