Volume 01 — Issue 001

Stop pasting passwords
into email.

Generate an encrypted, one-time link. Send it to a client, vendor, or partner. They submit credentials through a secure form — never through a thread, never indexed, never recoverable from a sent folder.

Open the portal See the workflow

The workflow

Four steps. Zero credentials in your inbox.

01

Create

Open the portal, name a recipient, set expiration and one-time use.

02

Send

Share the generated link by any channel. The token is single-use and signed.

03

Receive

Recipient submits credentials through an encrypted form. No account needed.

04

Retrieve

You're notified. View once. Delete on demand or let auto-retention purge.

Security architecture

Designed for credentials, not for convenience.

AES-256-GCM at rest

Every credential field is encrypted with a per-payload IV before it touches the database.

Hashed tokens

Link tokens are stored as SHA-256 hashes. The plaintext never lives in the database.

Single-use & expiring

Default 48-hour windows, one-time consumption, automatic status transitions.

Auto-deletion

Configurable retention purges credentials after a set number of days.

Full audit trail

Every create, view, submit, and delete is logged with IP and user agent.

Row-level security

Only authorized administrators can read credential metadata. Service role decrypts on demand.