End-to-end, client-side
Each drop is encrypted with AES-256-GCM on the sender's machine before it is uploaded. SpaceBox stores a ciphertext bundle it cannot open.
AES-256-GCM · SBXB v2 bundleSpaceBox Lite is a free app that turns your device into a SpaceBox. Host a private vault across your devices, or an inbox that receives one-way encrypted drops from senders you invite. Each file is encrypted with post-quantum keys before it leaves the sender. You are the only one who can open it, and the server holds ciphertext only.
Lite provides an encrypted-drop workflow. Senders drop, you host, and nothing crosses the wire in the clear.
Senders need no account or email. They use a QR invite you approve. Each drop is encrypted to your key on the sender's own device, and the sender keeps no copy.
Run a personal vault across your own devices, or an organisation inbox that receives from many external senders. Both live on your device.
Approve or decline each sender, set per-sender file and storage limits, and monitor storage use. Drops are stored append-only. They cannot be altered or removed without your action.




Each drop is encrypted with AES-256-GCM on the sender's machine before it is uploaded. SpaceBox stores a ciphertext bundle it cannot open.
AES-256-GCM · SBXB v2 bundleKey exchange uses ML-KEM-768 (NIST FIPS 203 / Kyber). Data captured today remains protected against the cryptographically-relevant quantum machines expected in the 2030s.
ML-KEM-768 · liboqsYour private key is generated locally and stored only in your device's secure storage. i46 cannot decrypt your data, and neither can a court order served on i46.
Secure storage · zero-knowledgeLogin is a cryptographic challenge: the server encapsulates a secret to your public key and only your device can recover it. No password or shared secret leaves your machine.
KEM challenge–responseEncryption happens on the device. The server stores ciphertext and metadata only; it never holds a key that could open it.
ML-KEM-768 key exchange with AES-256-GCM bodies, resistant to harvest-now-decrypt-later attacks.
Your private key lives in your device's secure storage and never leaves it. No back door, no reset, no master key.
We hold ciphertext. Without your private key, which we never receive, it stays unreadable, even to us.
There isn't one. Authentication is a key-exchange challenge, so there's no credential to seize or reset.
Your private key lives only in your device's secure storage. There is no master key and no support path that can open a SpaceBox.
Post-quantum · non-custodial · anonymous drops · in the free Lite beta today.
Turn your device into a SpaceBox in a few minutes. Keys are generated on-device, drops are sealed before they reach you, and there is nothing for us to hand over.
The full vault (two-way sharing, ownership transfer, digital inheritance and 24-word recovery) is SpaceBox Ground. Orbital storage is SpaceBox Space.