Skip to content
SecretPNG

Security

We'd rather show our work than ask for blind trust. Here's where things actually stand.

Security review status: Not independently audited

SecretPNG is in beta. It has not had an independent third-party security audit. We will not describe it as audited until a real audit report exists, and we will link that report here when it does.

What has been done

  • The cryptography uses standard, widely reviewed constructions (AES-256-GCM, PBKDF2, the STREAM chunking scheme) via the browser's Web Crypto API — we did not invent any cryptographic primitives.
  • The container format is documented and covered by known-answer, tamper, truncation, reordering, and duplication tests.
  • The secure workspace is isolated from advertising and analytics by layout, a strict Content Security Policy, and network tests.
  • Secret links are stored as ciphertext only; the decryption key never reaches our server.

What has not been done

  • No independent security audit or penetration test.
  • No formal verification of the implementation.
  • Hosted delivery means you trust the JavaScript we serve at the moment you load a page. The offline app reduces this to a one-time trust decision. See the threat model.

Read the details

Found a problem? See responsible disclosure or email security@secretpng.com.