Find answers to your questions about SecureDrop
SecureDrop is a secure and anonymous blockchain-based file transfer platform. It uses E2E encryption, decentralized IPFS storage, and Zero-Knowledge anonymization to guarantee your privacy.
You upload a file that is encrypted client-side before sending with a unique randomly generated key. The encrypted file is stored on IPFS (decentralized network) and a cryptographic proof is recorded on Base blockchain. The recipient receives a sharing link containing the decryption key. Only the authorized recipient (with cryptographic signature if restricted) can download and decrypt the file. Even if someone intercepts the link, without the key and signature, the file remains inaccessible.
Yes, the Free plan is 100% free forever. It includes 5 files per month, 50 MB per file, and 24h expiration. No credit card required.
Complete ZK anonymization (available in Premium/OG) guarantees that both sender AND recipient are 100% anonymous on blockchain via Zero-Knowledge proofs. Even though Base blockchain is public, no one can see who uploaded what, who was the intended recipient, or who downloaded the file. Addresses are replaced by cryptographic hashes (commitments), and downloads use anonymous nullifiers. The content itself is also anonymized: filenames are replaced by generic identifiers. Even with full blockchain access, it's cryptographically impossible to trace your transfers or link a file to an identity.
Base blockchain serves as an immutable and verifiable cryptographic proof, even with complete anonymity. It guarantees: (1) Transfer integrity - impossible to modify or forge a transfer proof, (2) Authenticity - recipient can verify the file comes from the intended sender (via ZK proof) without knowing their identity, (3) Censorship resistance - no one can delete or block a recorded transfer, (4) Download proof - cryptographically verifiable without revealing who downloaded. Blockchain thus brings trust and immutability without compromising anonymity thanks to ZK proofs.
Yes. Files are E2E encrypted before upload, stored on IPFS in a decentralized manner, and for Premium/OG, sender and recipient are anonymized via ZK proofs. We cannot see your files even if we wanted to.
For Free users: IP is temporarily collected for rate limiting (deleted after 24h). For Premium/OG: no IP collection under normal operation. Legal exception: IP may be automatically collected ONLY if our algorithmic detection system (HashLookup, PDQ, TMK) detects illegal content (CSAM, terrorism). This collection is automatic via algorithm, not manual. We do not actively monitor IPs - it's only triggered by automatic detection of illegal content for reporting to authorities.
We use multiple automatic detection systems: HashLookup (exact hash), PDQ for modified images, and TMK+PDQF for modified videos. Illegal content is blocked immediately and reported to competent authorities.
Yes, you can upgrade or downgrade your plan anytime. Changes take effect immediately. If you upgrade, you pay the difference. If you downgrade, your current subscription remains active until expiration.
Yes, you can cancel anytime. Your subscription remains active until the end of the paid period. No refund for the current period, but you keep access until expiration.
Premium: 1 GB per file, 15 days expiration, complete ZK anonymization. OG: 5 GB per file, unlimited expiration, + Custom Domain, API Access, and Custom Branding. Both include complete ZK anonymization.
Yes, Premium and OG subscriptions are payable in USDC on Base L2. Payment is made directly via your wallet (MetaMask, RainbowKit, etc.) in a single transaction thanks to EIP-2612 permit.
IPFS (InterPlanetary File System) is a decentralized storage protocol. Your files are stored on a distributed network rather than a centralized server, making them censorship-resistant and fault-tolerant.
Base is an Ethereum Layer 2 developed by Coinbase. It offers fast and low-cost transactions while maintaining Ethereum's security. SecureDrop uses Base to record cryptographic proofs of transfers.
Zero-Knowledge Proofs allow proving that information is true without revealing the information itself. In SecureDrop, this completely anonymizes sender and recipient on blockchain while guaranteeing transfer validity.
Yes, you can set an expiration date when uploading. Free: max 24h, Premium: max 15 days, OG: unlimited. Once expired, the file is automatically deleted from IPFS and becomes inaccessible.
Free: Community support via Discord/GitHub. Premium/OG: Priority email support. For urgent questions, contact us directly.
Yes. For Premium/OG: no personal data collection under normal operation. For Free: minimal collection (temporary IP for rate limiting, deleted after 24h). Legal exception only for detected illegal content.
The file is immediately blocked, the user is blacklisted, and content is reported to competent authorities (NCMEC for CSAM, police for terrorism). IP may be collected in this case (legal exception).
Yes, SecureDrop can be used for legitimate commercial files. However, sharing copyright-protected content without authorization is prohibited. See our Terms of Service for details.