The Lore-Book
A treatise on encrypted passage, swift delivery & the Handshake of Fellowship
· · ᛞ ᚢ ᚱ ᛁ ᚾ · ᚠ ᚱᛖᛟᚾᛞ · ᛖᚾᛏᛖᚱ · ·
ᚠ What is Durin's Door?
Durin's Door is a zero-knowledge encrypted file-sharing web application. Like the ancient gate of Moria — it reveals itself only to those who know the word — Durin's Door encrypts your files entirely in your browser before they ever reach the server. The key lives only in the URL fragment, which is never sent to the server.
- Zero-knowledge encryption — AES-256-GCM, key stays in the URL fragment (#), never sent to the server
- Auto-expiry — links vanish after the time you set
- Download limits — restrict to N downloads and the door seals itself
- Optional password — adds a verification gate atop the key
- Handshake mode — peer-to-peer ECDH key exchange, no shared URL needed
- Zero server-side decryption — the server stores encrypted blobs only
ᚢ How to Share a File
To place an artifact in the vault, drag a file onto the door — or click it to browse. The door will encrypt your file in-browser, upload the ciphertext, and carve a link.
- Drag or click the door on the home page to select your file
- Set options — expiry, download limit, optional password
- Click “Send Through the Door” — your browser encrypts with AES-256-GCM before upload
- Copy the link — the decryption key is in the #fragment, invisible to the server
The key is NEVER sent to the server. URL fragments (the #key=… part) are a browser-only construct — they don't appear in server logs, proxies, or CDN records. Share the full URL with your recipient.
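The fragment-key flow described above, as an added Go example rather than Durin's Door's own code: it encrypts with AES-256-GCM under a fresh key, puts the key after `#key=`, and shows that the HTTP request target carries no part of it. The host `example.test`, the `/d/<id>` path, the base64url key encoding and the nonce-prefixed blob layout are assumptions; only the `#key=` fragment comes from the page.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"net/url"
	"strings"
)

// newShare encrypts under a fresh key; blob is nonce||ciphertext||tag, "/d/<id>" is made up.
func newShare(base, id string, plaintext []byte) (string, []byte) {
	buf := make([]byte, 32+12) // per-share 256-bit key, then 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		panic(err)
	}
	key, nonce := buf[:32], buf[32:]
	block, _ := aes.NewCipher(key) // cannot fail: key is 32 bytes
	gcm, _ := cipher.NewGCM(block) // cannot fail: AES block size is 16
	return base + "/d/" + id + "#key=" + base64.RawURLEncoding.EncodeToString(key), gcm.Seal(nonce, nonce, plaintext, nil)
}

// splitLink separates the HTTP request target from the key held in the fragment.
func splitLink(link string) (target string, key []byte, err error) {
	u, err := url.Parse(link)
	if err != nil {
		return "", nil, err
	}
	key, err = base64.RawURLEncoding.DecodeString(strings.TrimPrefix(u.Fragment, "key="))
	return u.RequestURI(), key, err
}

// open decrypts a fetched blob; a wrong key or any altered byte returns an error.
func open(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(blob) < 12 {
		return nil, fmt.Errorf("bad key length %d or blob length %d", len(key), len(blob))
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, blob[:12], blob[12:], nil)
}

func main() {
	link, blob := newShare("https://example.test", "abc123", []byte("mellon"))
	target, key, _ := splitLink(link)
	plain, err := open(key, blob)
	fmt.Printf("request target %q, plaintext %q, err %v\n", target, plain, err)
}
```

The fragment still lives in the recipient's address bar and browser history, so the link itself has to be handled as the secret.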
ᚱ How to Download
The bearer of the link visits the download page. The door presents what lies within. If a password was set, the door asks for the word. Speak truly, and it opens. Decryption happens entirely in your browser — plaintext never touches the server.
- Open the link — the download page shows file details
- Enter password (if required) — verified locally against a hash
- Click “Open the Door & Download” — encrypted blob fetched, decrypted in browser, saved to device
ᚨ Handshake Mode — Peer-to-Peer Transfer
Handshake Mode enables direct peer-to-peer encrypted transfers without sharing a URL. The receiver generates a short pairing code; the sender enters it. An ECDH (P-256) key exchange derives a shared secret — the server never sees the key.
- Receiver clicks “Handshake” → gets a 6-character code (e.g. GANDALF)
- Receiver shares the code with the sender verbally or via any channel
- Sender enters the code on the send page — ECDH keys are exchanged
- Both see a verification phrase — 3 Tolkien words derived from the shared secret. Confirm they match!
- Sender uploads file — encrypted with the ECDH-derived AES key
- Receiver auto-downloads — decrypted in their browser with the same derived key
The verification phrase (3 Tolkien words) works like Signal safety numbers — both sides must see identical words to confirm the shared secret was derived correctly and no man-in-the-middle is present.
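Why both sides must compare the phrase, as an added Go example (not the project's code): in a clean ECDH P-256 exchange both ends derive the same key and phrase, while an exchange in which a relay swaps in its own public key leaves the two ends with different keys. The SHA-256 derivation, its labels and the 8-word list are assumptions; the page names only ECDH P-256 and a 3-word phrase.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed 8-word list; the page does not publish the real list or its size.
var words = []string{"mithril", "balrog", "shire", "ent", "palantir", "rohan", "gondor", "mellon"}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdh.PrivateKey { return must(ecdh.P256().GenerateKey(rand.Reader)) }

// deriveKey hashes the raw ECDH output into a 32-byte AES-256 key (assumed KDF).
func deriveKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey) []byte {
	k := sha256.Sum256(append([]byte("demo-aes-key:"), must(priv.ECDH(peer))...))
	return k[:]
}

// phrase maps a separately labelled hash of the key to 3 of the 8 words (byte%8 is unbiased).
func phrase(key []byte) string {
	h := sha256.Sum256(append([]byte("demo-phrase:"), key...))
	return fmt.Sprintf("%s %s %s", words[h[0]%8], words[h[1]%8], words[h[2]%8])
}

// exchange runs one handshake; a non-nil relay hands both sides its own public key.
func exchange(relay *ecdh.PrivateKey) (senderKey, receiverKey []byte) {
	s, r := newKey(), newKey()
	sPeer, rPeer := r.PublicKey(), s.PublicKey()
	if relay != nil {
		sPeer, rPeer = relay.PublicKey(), relay.PublicKey()
	}
	return deriveKey(s, sPeer), deriveKey(r, rPeer)
}

func main() {
	for _, relay := range []*ecdh.PrivateKey{nil, newKey()} {
		s, r := exchange(relay)
		fmt.Printf("keys equal=%v sender=%q receiver=%q\n", bytes.Equal(s, r), phrase(s), phrase(r))
	}
}
```

With this 8-word demo list a phrase carries only 9 bits, so mismatched keys still show the same phrase about once in 512 runs; the strength of the check grows with the size of the word list.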
ᛊ Security & Encryption
Files are encrypted with AES-256-GCM authenticated encryption. Each file gets a unique 256-bit key. For Handshake mode, ECDH P-256 derives the shared key, which is computationally infeasible to recover without one party's private key. Passwords use SHA-256 for the web version.
- AES-256-GCM — authenticated encryption detects tampering
- Unique key per share — compromise of one share exposes nothing else
- ECDH P-256 — Handshake keys derived in-browser, never transmitted
- Browser-side decryption — plaintext never written to any server
- Auto-expiry — expired files are purged from storage
- Zero-knowledge — the server stores only encrypted blobs
ᛏ Install the CLI
Durin's Door also comes as a command-line tool — a single binary, no dependencies. Download it from GitHub Releases or use one of the incantations below.
```sh
# Linux (x86_64)
curl -fSL https://github.com/DesoCT/DurinsDoor/releases/latest/download/durins-door-linux-amd64 -o durins-door
chmod +x durins-door && sudo mv durins-door /usr/local/bin/
# Linux (ARM64 / Raspberry Pi)
curl -fSL https://github.com/DesoCT/DurinsDoor/releases/latest/download/durins-door-linux-arm64 -o durins-door
chmod +x durins-door && sudo mv durins-door /usr/local/bin/
# macOS (Apple Silicon)
curl -fSL https://github.com/DesoCT/DurinsDoor/releases/latest/download/durins-door-darwin-arm64 -o durins-door
chmod +x durins-door && mv durins-door /usr/local/bin/
# macOS (Intel)
curl -fSL https://github.com/DesoCT/DurinsDoor/releases/latest/download/durins-door-darwin-amd64 -o durins-door
chmod +x durins-door && mv durins-door /usr/local/bin/
```
```powershell
# Windows (PowerShell)
Invoke-WebRequest -Uri https://github.com/DesoCT/DurinsDoor/releases/latest/download/durins-door-windows-amd64.exe -OutFile durins-door.exe
```
```sh
# Or with wget
wget -qO durins-door https://github.com/DesoCT/DurinsDoor/releases/latest/download/durins-door-linux-amd64
chmod +x durins-door && sudo mv durins-door /usr/local/bin/
# Or build from source
go install github.com/unisoniq/durins-door@latest
```
ᛈ Server CLI Reference
The self-hosted server encrypts files locally with AES-256-GCM, stores them on disk, and serves them over HTTP with optional Cloudflare/ngrok tunneling. All incantations of the durins-door command:
durins-door server [flags]
| Flag | Default | Description |
|---|---|---|
| --port | 8888 | HTTP server port |
| --token | auto-generated | Admin bearer token for the dashboard |
| --tunnel | true | Auto-create Cloudflare/ngrok tunnel |
| --no-tunnel | false | Disable automatic tunnel (LAN only) |
durins-door share [flags] <file>
| Flag | Default | Description |
|---|---|---|
| --key | auto-generated | Custom encryption key passphrase |
| --expires | 1h | Expiry duration (1h, 24h, 7d) |
| --password | (none) | Require a password to download |
| --max-downloads | 0 (unlimited) | Max number of downloads before the link seals |
| --port | 0 (auto) | HTTP server port |
| --no-tunnel | false | Disable tunnel |
| --register-only | false | Encrypt and register without starting a server |
```sh
# Start the server
durins-door server --port 8888
# Share a file (starts server + tunnel automatically)
durins-door share secret.pdf --expires 24h --max-downloads 3
# Password-protected, custom key
durins-door share mithril.zip --password "mellon" --key "speak-friend"
# One-time download link
durins-door share one-ring.bin --max-downloads 1 --expires 1h
# List all active shares
durins-door list
# Revoke a share (full ID or prefix)
durins-door revoke abc123
# Check version
durins-door --version
```
durins-door download <url>
Download and decrypt a shared file from a remote Durin's Door server. The encryption key is extracted from the URL fragment.
| Flag | Default | Description |
|---|---|---|
| -o, --output | original filename | Output file path |
durins-door upload <file>
Upload a file to a remote Durin's Door server. Requires --api-token or the DURINS_DOOR_TOKEN environment variable.
| Flag | Default | Description |
|---|---|---|
| --password | (none) | Password-protect the share |
| --expires | (none) | Expiry duration (24h, 7d, 30d) |
| --max-downloads | 0 (unlimited) | Max download count |
durins-door send <file> --to <CODE>
Send a file to a waiting receiver via ECDH P-256 handshake against a remote server. Both parties see a 3-word Tolkien verification phrase to confirm no man-in-the-middle.
| Flag | Default | Description |
|---|---|---|
| --to | (required) | Pairing code from the receiver |
| --password | (none) | Additional password layer on top of ECDH |
| --expires | (none) | Share expiry (24h, 7d) |
| --max-downloads | 0 (unlimited) | Max download count |
durins-door receive
Wait for a peer to send you a file via ECDH handshake. Generates a Tolkien-word pairing code, then auto-downloads and decrypts the file when the sender uploads it. Times out after 10 minutes.
| Flag | Default | Description |
|---|---|---|
| -o, --output | . (current dir) | Directory to save the received file |
Global flags (all commands)
| Flag | Default | Description |
|---|---|---|
| --server-url | https://durinsdoor.io | Durin's Door server URL |
| --api-token | (none) | Admin bearer token (also via DURINS_DOOR_TOKEN env var) |
| --version | | Print version and build date |
ᛞ Using the CLI with durinsdoor.io
The CLI talks directly to durinsdoor.io by default — no self-hosted server needed. Encrypt locally, upload ciphertext to the cloud. Zero-knowledge — the server never sees your key or plaintext.
```sh
# Send a file to someone (they open Handshake > Receive in the browser)
durins-door send file.pdf --to HXMP3K
# Receive a file (displays a pairing code)
durins-door receive
# Upload a file and get a share link
durins-door upload secret.pdf --expires 24h
# List active shares
durins-door list
# Revoke a share
durins-door revoke <share-id>
```
The CLI connects to https://durinsdoor.io by default. Override with --server-url to point at a self-hosted server or local dev instance.