No. SecureShare decrypts files on your device. The server delivers encrypted metadata and encrypted chunks, but does not receive your decrypted content.
The file is encrypted by the sender and can only be decrypted by someone with the share link (and password, if set). Decryption happens locally in the viewer.
No. If a share uses a password, the viewer derives a key locally (Argon2id) and uses it to unwrap the file key and decrypt chunks.
Share pages under /s/ are marked noindex and sent with X-Robots-Tag headers to prevent indexing. This reduces accidental discovery of sensitive links.
Yes. Shares can be configured to expire or become invalid after certain conditions. When a share expires, the viewer will no longer be able to fetch the encrypted chunks.