One message. One chance.

1LIFE

Encryption that destroys itself after a single read.
No servers. No cloud. Pure mathematics.

Encrypt Now How It Works
Scroll
ODE decryption
256
AES key bits
5
Cipher modes
3
Destroy layers
0
Servers needed
Protocol

HOW
IT WORKS

ODE uses three independent layers to enforce one-decrypt. Even if you keep the original file, all three layers must pass — and after decryption, all three are permanently tripped.

01
Layer 1 — Fingerprint DB
Before anything, a SHA-256 fingerprint of the blob is checked against localStorage. If found, decryption is blocked — even if you re-upload the original untouched file.
02
Layer 2 — Header Zeros
After successful decrypt, salt + nonce + hash chain are overwritten with zeros in the file. Re-opening the destroyed file fails the zero-check before any crypto runs.
03
Layer 3 — Chain Verify
SHA3-512 hash chain binds key + nonce + salt. Tampering any byte breaks the chain. Zeroed header also breaks the chain — double-enforcing destruction.
04
Multi-Mode Support
Beyond ODE, choose standard AES-256-GCM, ChaCha20-Poly1305, AES-CBC+HMAC, or Hybrid RSA+AES for use cases that allow multiple decrypts with a password.
Algorithm
ODE Encrypt
// Ephemeral — never stored directly
salt,nonce = random(32B, 16B)
K = SHA3-256(salt || nonce)
H = SHA3-512(K || nonce || salt)
C,tag = AES-256-GCM(P, K, nonce)
blob = magic+salt+nonce+H+tag+C
ODE Decrypt — 3 Layers
// Layer 1: fingerprint blacklist
if SHA256(blob[:128]) in localStorage: BLOCK
// Layer 2: zero-header check
if salt==0x00 or nonce==0x00: BLOCK
// Layer 3: chain verify + decrypt
K = SHA3-256(salt||nonce); verify H
P = AES-GCM-Dec(C,K,nonce)
// Destroy + record
blob[4..116] = zeros; localStorage.add(fp)
Interactive Tool

TRY IT
NOW

ODE blobs can only be decrypted once. Three independent layers enforce this. After decryption, recovery is mathematically impossible. Download and store the file carefully.
ODE · 1-Life
AES-256-GCM + SHA3-512 hash chain. 3-layer destroy. Self-destructs.
One-Decrypt
AES-256-GCM
Password-based. Authenticated encryption. Industry standard.
Multi-use
ChaCha20-Poly1305
Password-based stream cipher. Fast on mobile hardware.
Fast
AES-256-CBC
Password-based. Classic block cipher + HMAC-SHA256.
Classic
Hybrid RSA+AES
RSA-2048 wraps AES-256-GCM session key. Asymmetric.
Asymmetric
blob.enc
⬇ Download
ODE decryption is irreversible and enforced by three independent layers. Key material is zeroed AND a fingerprint is saved to localStorage. Even re-uploading the original file is blocked permanently on this device.
☠ PERMANENTLY DESTROYED
Key material zeroed. Fingerprint recorded in localStorage.
This file can never be decrypted again on this device.