Zero-knowledge encrypted, self-destructing secret links from your launcher.
Encrypt a password, API key, or any short piece of text on your machine, get back a one-time link, and share it through any channel — Slack, email, SMS. The recipient opens the link, the secret decrypts in their browser, and it's gone forever. The Vaulted server only ever stores ciphertext; the decryption key lives in the URL fragment, which browsers never transmit.
Form-driven creation. Type or paste up to 1,000 characters, pick a max-view count (1, 3, 5, 10, or unlimited within expiry), pick an expiry (1 hour to 30 days), and optionally add a passphrase that the recipient must enter to decrypt. The share link is copied to your clipboard automatically.
The hotkey path. Bind it to a Raycast shortcut (e.g. ⌥⌘V), copy a secret to the clipboard, fire the command. The clipboard is replaced with a Vaulted share link, your defaults from preferences are used. A HUD confirms the result.
Paste a Vaulted link, optionally enter the passphrase if the link was passphrase-protected, and the plaintext appears in a Detail view. A confirmation prompt warns you before consuming a view (toggleable in preferences).
@vaulted/crypto package — the same primitives as vaulted.fyi, the CLI, the MCP server, and the official GitHub Action.https://vaulted.fyi).http://localhost and http://127.0.0.1 allowed for self-hosted development.User-Agent: vaulted-raycast/<version> and surfaces any server-supplied error message verbatim, so deprecation notices and rate-limit details reach you.https://vaulted.fyi. Point at your own deployment for self-hosted use.Vaulted is open source and end-to-end encrypted. The server never sees plaintext or the decryption key, even if it's compromised. Read more at vaulted.fyi/security and vaulted.fyi/how-it-works.
This extension: github.com/vaulted-fyi/vaulted-raycast
Related projects:
vaulted-cli — terminal client@vaulted/mcp-server — MCP integration for AI agentsshare-secret — GitHub ActionMaxim Novak (@maxim_novak)
MIT