/* Cryptographic Core
ProtectedShare is engineered with an absolute zero-knowledge security model. Your plaintext is encrypted natively in your browser using AES-256-GCM. Because the encryption/decryption keys are held strictly by you, it is cryptographically impossible for hackers, third parties, or even our administrators to read your secrets, workspaces, or notes.
We provide two distinct, purpose-built sharing protocols:
- -One-Time Secrets: Passes the decryption key securely via the URL hash fragment (`#key`). The key never hits the network, and the payload burns immediately after one-time access, preventing residual chat/mail log leakage.
- -Secure Notes: Outputs a separated link and password. This allows you to split the delivery across two independent channels (e.g., URL over Slack, password via Signal/SMS), satisfying strict multi-factor defense requirements.