bitatlas
● Zero-knowledge share links

Public link,
private content.

Hand a file to anyone with a link they can open in a browser — except the host can't read it. The decryption key lives in the link itself, so not even BitAtlas can open what you share.

Key in URL fragment·Server sees only ciphertext·Expiry & revocation
Two ways to share

For people. And for the agents working for them.

For people

In your vault, hit Share link on any file. Pick an expiry and an optional download limit, and copy a link you can drop into email, chat, or a ticket. The recipient opens it in any browser — no account, no app, no plugin — and the file decrypts in front of them.

  • No account needed to receive
  • Inline preview for images, PDFs & text
  • Revoke or expire whenever you want

For agents

An agent produces an artifact and needs to hand it to a human. With the BitAtlas MCP server, that's one tool call — and the link it returns is one the host can't read. The decryption key never leaves the agent's process except inside the link.

bitatlas_share_file({
  file_id: "…",
  expires_in: "7d"
})

→ https://www.bitatlas.com/s/AbC123…#k=…
   (anyone with the link can read it —
    BitAtlas cannot)
How it stays private

Zero-knowledge, by construction.

Encrypted before it leaves you

Every file is sealed with its own AES-256-GCM key in your browser (or the agent's process). We only ever store ciphertext.

The key rides in the link

Sharing puts the file key in the URL fragment (after the #). Browsers never send fragments to a server — so the key never reaches BitAtlas.

Decrypted only on open

The recipient's browser reads the key from the link and decrypts locally. The server hands out ciphertext and a random id — nothing else.

Honest caveat: anyone you give a link to can read the file, and anyone who already downloaded it keeps it — revocation stops future downloads. That's true of every share tool; ours at least guarantees the server never can.

You stay in control.

Expiry

Links live for 24h, 7 days, or 30 days — then go dark automatically.

Revoke anytime

Kill a link in one click. The server stops handing out the file immediately.

Download caps

Optionally limit a link to N downloads before it expires.

No host-side reading

No HTML is ever rendered and we can't open the file — so it can't become a phishing or malware host.

Share a file the host can't read.

Free to start. Receiving is always free — and always private.