BurnLink lets you share sensitive files with end-to-end encryption and one-time links that burn themselves after access. No accounts. No permanent storage. No trust required.
Hey Product Hunt, I'm Joy, the maker of BurnLink — a product by Paperfrogs/Open (paperfrogs.dev) — and I want to tell you exactly why I built it. I kept sending sensitive files the wrong way. Credentials over Slack. API keys in email. Config files on Google Drive with "anyone with the link." Every time, a quiet voice saying this is a terrible idea. So I built the thing I actually wanted to use.
What is BurnLink? BurnLink is a zero-knowledge, one-time file sharing tool. You upload a file, get a link, share it. The recipient opens it once — and it's gone. Permanently. No second chances, no recovery, no trace.
What actually makes it different? Every other "secure" sharing tool makes one quiet assumption: trust us with your data. They encrypt in transit. They store on their servers. They hold the keys. You just hope. BurnLink flips that model entirely:
Zero-knowledge by design — encryption happens entirely in your browser via the native WebCrypto API (AES-256-GCM + PBKDF2). Your file never travels the network unencrypted. Ever.
The key never hits our server — it lives in the URL fragment (#). Browsers don't include fragments in HTTP requests. We are architecturally incapable of decrypting your file. Not policy. Not a promise. Physics.
True one-time links — not "expires in 7 days." Burns on first open. One view, gone forever. The moment someone opens it, it's dead.
No accounts, no metadata, no logs — we can't tell you who opened it or when, because we genuinely don't know. That's the point.
Why not just use [X]?
Bitwarden Send — great, but requires a Bitwarden account on both ends OnionShare — powerful, but needs an install and technical setup WeTransfer / Google Drive — no real encryption, files persist, they can read it Just emailing it — please don't
BurnLink is just a link. No installs. No accounts. You paste it, they open it, it's gone. We don't ask you to trust us — we built it so you don't have to.
Under the hood Built at Paperfrogs Labs as a solo project, using Node.js + Express, Netlify serverless functions, Supabase for storage, and the browser's native WebCrypto API — no heavyweight crypto libraries. Clean, auditable, minimal.
Who is it for? If you've ever cringed sending a password over Slack, shared credentials in a Notion doc, or emailed a .env file — this is for you. Perfect for developers, ops teams, freelancers, and anyone handling sensitive files without a proper secrets manager.
About BurnLink on Product Hunt
“Share encrypted files that are ephemeral”
BurnLink launched on Product Hunt on March 13th, 2026 and earned 93 upvotes and 12 comments, placing #21 on the daily leaderboard. BurnLink lets you share sensitive files with end-to-end encryption and one-time links that burn themselves after access. No accounts. No permanent storage. No trust required.
On the analytics side, BurnLink competes within Privacy, Developer Tools, GitHub and Security — topics that collectively have 566.2k followers on Product Hunt. The dashboard above tracks how BurnLink performed against the three products that launched closest to it on the same day.
Who hunted BurnLink?
BurnLink was hunted by Joy G. Majumdar. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.
For a complete overview of BurnLink including community comment highlights and product details, visit the product overview.
Joy G. Majumdar
Hey Product Hunt,
I'm Joy, the maker of BurnLink — a product by Paperfrogs/Open (paperfrogs.dev) — and I want to tell you exactly why I built it.
I kept sending sensitive files the wrong way. Credentials over Slack. API keys in email. Config files on Google Drive with "anyone with the link." Every time, a quiet voice saying this is a terrible idea. So I built the thing I actually wanted to use.
What is BurnLink?
BurnLink is a zero-knowledge, one-time file sharing tool. You upload a file, get a link, share it. The recipient opens it once — and it's gone. Permanently. No second chances, no recovery, no trace.
What actually makes it different?
Every other "secure" sharing tool makes one quiet assumption: trust us with your data. They encrypt in transit. They store on their servers. They hold the keys. You just hope.
BurnLink flips that model entirely:
Zero-knowledge by design — encryption happens entirely in your browser via the native WebCrypto API (AES-256-GCM + PBKDF2). Your file never travels the network unencrypted. Ever.
The key never hits our server — it lives in the URL fragment (#). Browsers don't include fragments in HTTP requests. We are architecturally incapable of decrypting your file. Not policy. Not a promise. Physics.
True one-time links — not "expires in 7 days." Burns on first open. One view, gone forever. The moment someone opens it, it's dead.
No accounts, no metadata, no logs — we can't tell you who opened it or when, because we genuinely don't know. That's the point.
Why not just use [X]?
Bitwarden Send — great, but requires a Bitwarden account on both ends
OnionShare — powerful, but needs an install and technical setup
WeTransfer / Google Drive — no real encryption, files persist, they can read it
Just emailing it — please don't
BurnLink is just a link. No installs. No accounts. You paste it, they open it, it's gone. We don't ask you to trust us — we built it so you don't have to.
Under the hood
Built at Paperfrogs Labs as a solo project, using Node.js + Express, Netlify serverless functions, Supabase for storage, and the browser's native WebCrypto API — no heavyweight crypto libraries. Clean, auditable, minimal.
Who is it for?
If you've ever cringed sending a password over Slack, shared credentials in a Notion doc, or emailed a .env file — this is for you. Perfect for developers, ops teams, freelancers, and anyone handling sensitive files without a proper secrets manager.