Skip to main content
GhostPaste

How GhostPaste Works Under the Hood

A technical deep dive into our edge-first, zero-knowledge architecture built for developers who want to understand how things actually work.

Edge Computing
Zero-Knowledge
TypeScript
Web Crypto API

The Big Picture

Your Browser

  • Encrypts files with AES-256-GCM
  • Packs data into custom binary format
  • Keeps encryption keys in URL fragments
  • Handles all crypto operations locally

Edge Network

  • Cloudflare Workers in 275+ locations
  • 50ms CPU budget per request
  • Stateless request handling
  • Low-latency responses from nearest edge

Storage

  • Cloudflare R2 for encrypted blobs
  • Automatic expiration handling
  • Only encrypted data stored
  • Global distribution with smart placement

Why Edge-First Architecture?

The Traditional Problem

  • Geographic Latency: Single server location means slow responses for global users
  • Trust Requirements: Users must trust the server operator with their unencrypted data
  • Infrastructure Complexity: Managing databases, backups, scaling, monitoring
  • Single Point of Failure: Server downtime = service unavailable
  • Legal Vulnerabilities: Centralized data storage subject to jurisdictional requests

Our Edge Solution

  • Global Performance: Edge functions run within milliseconds of every user worldwide
  • Zero-Knowledge by Design: Encryption happens client-side, we never see plaintext
  • Serverless Simplicity: No databases to manage, automatic scaling, built-in redundancy
  • Inherent Reliability: Distributed across 275+ data centers with automatic failover
  • Regulatory Resilience: Can't decrypt data we don't have keys for

Key Architectural Decisions

Client-Side Encryption with Web Crypto API

Why This Works

  • • Hardware-accelerated AES on modern devices
  • • Cryptographically secure random number generation
  • • Native browser support (no external dependencies)
  • • Keys never leave the client browser

Trade-offs

  • • Requires modern browser (no IE support)
  • • JavaScript must be enabled
  • • HTTPS required for crypto API access
  • • Client-side performance varies by device

Custom Binary Format

Why Not JSON?

  • • 40-60% smaller payload size
  • • Streaming-friendly structure
  • • Built-in versioning support
  • • No parsing overhead on server

Complexity Cost

  • • Custom serialization/deserialization logic
  • • More complex debugging
  • • Need tools for format inspection
  • • Migration complexity for format changes

Stateless Edge Functions

Advantages

  • • Infinite horizontal scalability
  • • No database maintenance overhead
  • • Cold start times under 1ms
  • • Automatic global distribution

Constraints

  • • 50ms CPU time budget per request
  • • Limited to edge-compatible APIs
  • • No persistent connections
  • • All operations must be atomic

Working Within Edge Runtime Constraints

Edge functions have strict resource limits

Limited CPU time, memory, and APIs mean we had to rethink how traditional file sharing works.

Design Constraints

  • CPU limits: No long-running operations or complex computations
  • Memory constraints: Can't buffer large files in memory
  • API limitations: Subset of Node.js APIs available
  • Cold starts: Functions must start quickly from scratch

Our Solutions

  • Streaming processing: Handle data as it flows through, no buffering
  • Async operations: Non-blocking I/O for all external calls
  • Efficient formats: Binary data structures for minimal parsing
  • Edge-native APIs: Web Crypto instead of Node.js crypto libraries

What Makes It Zero-Knowledge?

Technical Implementation

  • URL Fragment Keys: Encryption keys are stored in URL fragments (after #) which never reach any server
  • Client-Side Crypto: All encryption/decryption happens in your browser using Web Crypto API
  • Encrypted-Only Storage: We only store the encrypted blob, never plaintext or keys
  • Metadata Encryption: Even file names and descriptions are encrypted with the same key

Real-World Implications

  • Legal Protection: We cannot comply with requests to decrypt data we don't have keys for
  • Server Breach Safety: Even if our systems are compromised, your data remains encrypted
  • No Trust Required: You don't need to trust us with your sensitive data
  • Audit-Friendly: Open source code means you can verify our claims

Want to Dive Deeper?

This is just the architectural overview. We're planning deep dives into cryptography implementation, binary format specification, performance optimization, and more.

Questions about our architecture? Found something interesting?
We'd love to hear from developers who are curious about how things work.