Releases: TheHolyOneZ/ZEncrypt
Release list
ZEncrypt v0.1.0
ZEncrypt
Drag-and-drop file & folder encryption for people who don't want to touch a CLI.
Drop a file or folder, set a password, a keyfile, or a recipient's public key — get back a single authenticated .zsec archive. Decrypt it anywhere ZEncrypt runs. No cloud, no key servers, no accounts.
Tauri 2 · Rust · React 19 · ChaCha20-Poly1305 · AES-256-GCM · Argon2id · BLAKE3 · X25519
Screenshots
Why ZEncrypt
| Tool | Why it falls short for "encrypt this and send it" |
|---|---|
| VeraCrypt | Volume-based. Overkill for sharing a single file. |
| GPG | CLI-first, painful key management, terrible UX for non-experts. |
| 7-Zip / WinRAR password | Not authenticated. Leaks filenames in the ZIP table. |
| age / rage | Great CLI, no GUI. |
openssl enc |
Nobody remembers the incantation. |
ZEncrypt is the missing GUI: modern AEAD ciphers, real KDF, public-key support, drag-and-drop, no setup.
Features
Three ways to encrypt
|
Built for sharing, not for vaults
|
Modern, audited primitives
|
Honest UX
|
How encryption works (pick one)
Password mode — for personal archives and one-off shares where you can communicate the password out-of-band.
You type a password. ZEncrypt runs it through Argon2id (interactive / moderate / paranoid preset, or custom) to derive a 256-bit key. The recipient needs the same password to decrypt.
Strength matters. The UI shows a live entropy estimate. The built-in generator produces high-entropy passwords; the clipboard auto-clears after a configurable delay so the password doesn't linger.
Keyfile mode — for two-factor decryption or for completely password-free flows.
Any file can be a keyfile (binary, photo, song — doesn't matter). ZEncrypt hashes it with BLAKE3 and feeds that into Argon2id. You can use a keyfile alone, or combine it with a password — in which case both are required to decrypt, and a stolen password alone is useless.
The keyfile fingerprint (first 4 bytes of BLAKE3) is stored in the header so the recipient can verify they're using the right one before they even try a password.
Public-key mode — for "I want strangers to be able to encrypt files to me without sharing a secret first."
The recipient generates an X25519 keypair in the Keyfile Manager. They get two files:
.zkey-pub— share it freely. Email it, tweet it, post it on your website. It can only encrypt, never decrypt..zkey-priv— keep it secret. It is the only key in the universe that can open archives encrypted to its public half.
The sender picks the recipient's .zkey-pub in the encrypt screen, drops files, hits Encrypt. ZEncrypt generates a fresh ephemeral X25519 keypair per archive, does ECDH to derive a wrap key, encrypts the per-archive file key with ChaCha20-Poly1305, and embeds the ephemeral public key + wrapped file key in the header.
No password is involved on either side. No pre-shared secret. The recipient's fingerprint is shown in the header so the sender can verify they're encrypting to the right person.
Warning: losing your
.zkey-privpermanently destroys access to every archive ever encrypted to its public half. There is no recovery. Back it up.
The .zsec format
A .zsec file is a single binary blob with this layout:
+---------------------------+
| 63-byte plaintext header | magic + version + cipher + flags + KDF params + base nonce
+---------------------------+
| optional 4-byte keyfile | present when HAS_KEYFILE flag is set (v2+)
| fingerprint |
+---------------------------+
| optional 88-byte pubkey | ephemeral X25519 pubkey + recipient fingerprint + wrapped key (v3+)
| block |
+---------------------------+
| chunked AEAD payload | [u32 chunk_len_with_flag][ciphertext || 16-byte tag], repeated
| | high bit of length prefix marks the final chunk
+---------------------------+
| 32-byte BLAKE3 root | hash of pre-AEAD plaintext, defence-in-depth over per-chunk tags
+---------------------------+
Format version 3. The header is passed as AAD to every chunk, so any tampering with cipher choice, KDF params, or the pubkey block breaks all subsequent decryptions.
What an attacker with the file learns
- That it's a ZEncrypt archive (the magic bytes are public — this is true of every encrypted format).
- Roughly how big the plaintext was (from total file size, +/- chunk overhead and zstd compression).
- The cipher choice, KDF parameters, and (if pubkey mode) the recipient fingerprint.
That's it. Filenames, folder structure, file count, individual file sizes, and content are all encrypted inside the payload.
What it can do
| Area | Capability |
|---|---|
| Input |
|
| Encrypt |
|
| Decrypt |
|
| Reliability |
|
| History |
|




