Paaster is a secure and user-friendly pastebin application that prioritizes privacy and simplicity. With end-to-end encryption and paste history, Paaster ensures that your pasted code remains confidential and accessible.
- End-to-end encryption.
- Memory efficient.
- File drag & drop.
- Shortcuts.
- Paste history (with support for unix-like search).
- Delete after view or X amount of time.
- API documentation.
- CLI Tool.
- Access code protection (Require a passphrase to view paste.)
- Rate limiting.
- Share via QR code.
- PWA support.
- i18n support (Contribute).
- Automatic or manual language detection.
- No dynamically loaded 3rd party dependencies, meaning malicious code must be present at build time.
- Use of
package-lock.json,poetry.lock& Socket.dev to fight against supply chain attacks & vulnerabilities. - Vercel support.
End-to-end encryption (E2EE) is a zero-trust encryption methodology. When you paste code into Paaster, it is encrypted locally in your browser using a secret that is never shared with the server. Only people you share the link with can view the paste.
No. Anyone could modify the functionality of Paaster to expose your secret key to the server. We recommend using a instance you host or trust.
Client secrets are stored with IndexedDB when the paste is created, allowing for paste history. This method of storage makes Paaster vulnerable to malicious JavaScript, but it would require malicious code to be present when the Svelte application is built.
Paaster uses URI fragments to transport secrets, according to the Mozilla foundation URI fragments aren't meant to be sent to the server. Bitwarden also has a article covering this usage here.
Server secrets are stored with IndexedDB when the paste is created, allowing for modification or deletion of pastes later on. The server-sided secrets are generated using the Python secrets module and stored in the database using bcrypt hashing.
Paaster uses XChaCha20-Poly1305 encryption, which is implemented using the libsodium-wrappers library.
Ctrl+V- Paste code.Ctrl+S- Download code as file.Ctrl+A- Copy all code to clipboard.Ctrl+X- Copy URL to clipboard.
- Open a new issue to request a feature (one issue per feature.)
- Paste editing.
- Paaster isn't a text editor, it's a pastebin.
- Paste button.
- Paaster isn't a text editor, when code is inputted it will always be automatically uploaded.
- Optional encryption.
- Paaster will never have opt-in / opt-out encryption, encryption will always be present.
NOTE: Latest MongoDB requires CPU with AVX support. If you're using virtual CPU (e.g. kvm64) it will not work.
To fix that, either downgrade MongoDB to 4.x, or adjust your VM CPU configuration.
- During configuration, no provided URLs should be suffixed with a slash.
- Configure
docker-compose.yml(example here) - Fine-tune networks and/or volumes, if needed
sudo docker compose up -d- Proxy exposed ports using Caddy/Traefik/Nginx/Apache2 (or whatever reverse proxy you prefer)
Self-hosted S3 (using MinIO)
- Create
.envfile (example here) - Create
docker-compose.yml(example here) - Fine-tune networks and/or volumes, if needed
sudo docker compose up -d- Proxy exposed ports using Caddy/Traefik/Nginx/Apache2 (or whatever reverse proxy you prefer)
NOTE: the self-hosted version uses a temporary container (paaster-minio-init) to create initial bucket
in MinIO container and configure it for public access.
Disable automatically via Vercel
Strict-Transport-Security: max-age=31536000X-XSS-Protection: 1; mode=blockX-Frame-Options: DENYFeature-Policy: microphone 'none'; camera 'none'; geolocation 'none'; payment 'none';
Paaster's frontend is also configured to work with Vercel, which offers enhanced security through server separation and improved performance.
Rclone is no longer supported for performance reasons & paaster is now only s3 compatible.
Look at Self-hosted S3 or Storage providers for cheap / free s3 storage.