FlameLink

FlameLink is a zero‑trust secret sharing system that actually enforces one‑time (or limited‑time) access. Unlike services that rely on database flags and promises, FlameLink uses client‑side encryption, split keys, and Walrus decentralized storage to ensure a secret can only be opened the number of times you allow.

• Split‑Key Secrets: The decryption key is split into two random parts. One part stays in the URL fragment (never sent to any server). The other is held by a one‑time claim gate as random bytes that are useless on their own.
• Client‑Side Encryption: Your secret is encrypted in your browser with AES‑256‑GCM before anything leaves your device.
• Decentralized Storage: Encrypted data is stored on the Walrus network—immutable, distributed, and accessible without relying on FlameLink’s servers.
• One‑Time Access: When a recipient opens the link, the server releases its key share only once (or up to the exact limit you set) and then permanently removes it.
• Multi‑Viewer Control: Allow 1–5 views with an atomic counter—ideal for team password sharing or API key handoff.

How It’s Made

• Split‑Key Design: The key is divided into two independent shares; neither share can decrypt alone.
• Zero‑Knowledge Architecture: Servers never see plaintext or full keys; URL fragments keep sensitive data out of logs.
• Walrus Integration: Publisher stores encrypted blobs; Aggregator retrieves them by content address—no blockchain complexity required.
• Atomic Claim Gate: Token‑based, race‑condition‑safe release of the server’s key share with precise view limits.
• Secure File Handling: A compact binary format preserves filename/type/size through encryption and decryption.

Why It Matters

FlameLink delivers practical zero‑trust secret sharing: provable one‑time (or limited) access, zero server visibility, and storage that can’t be quietly altered or taken down. It removes the need to “trust the service” while keeping the experience as simple as sharing a link.