01 // THE PROBLEM
If you live in the terminal — SSH sessions, tmux panes, headless VMs — you know the pain of extracting text from a remote machine. You need a 200-line stack trace, an API key, or a config block on your local clipboard. The options are uniformly terrible.
Native mouse selection destroys formatting across tmux pane borders. X11 forwarding is brittle, latent, and a non-starter on hardened bastion hosts. Pasting into Slack or Discord leaks your data to corporate indexing pipelines, third-party retention policies, and anyone with channel access. scp works but requires a round-trip dance of filenames and paths that breaks flow.
The Unix dream is a pipe. You want to cat something on a remote box and have it appear on your local clipboard — instantly, securely, and with zero setup. That's the premise behind copypaste.fyi: a developer-first clipboard relay that integrates natively with Unix pipelines and encrypts everything client-side before it ever touches the wire.
$ cat logs.txt | curl -F "file=@-" https://copypaste.fyi
> Token: 829-104 (TTL: 5m, self-destructs on read)
$ curl https://copypaste.fyi/829-104
> [plaintext contents of logs.txt]
One command to send. One command to receive. No accounts, no auth tokens, no browser tabs. The snippet lives for five minutes, then it's gone — whether or not anyone reads it.
02 // PROTOCOL DATAFLOW
The relay operates as a zero-knowledge intermediary. Unencrypted plaintext never exists outside the sender's and receiver's local environments. The server stores only ciphertext and has no mechanism to derive the decryption key. Here is the full sequence:
Steps 5 and 6 are the important invariant: read and delete execute as a single Redis PIPELINE transaction. There is no window where a second reader can race ahead and retrieve the same payload. The snippet is consumed once.
03 // THREAT MODEL & SECURITY PRINCIPLES
The security model is built on four non-negotiable invariants:
- Single-Use Self-Destruction: Every snippet is consumed exactly once. The atomic
GET + DELpipeline ensures the key is purged from Redis the instant ciphertext is transmitted. A second retrieval attempt returns a 404. - Ephemeral TTLs: All keys are created with a 300-second (5-minute) time-to-live. If no one reads the snippet, Redis evicts it automatically. There is no persistent storage layer — no database, no S3 bucket, no log drain.
- Zero-Knowledge Encryption: The server only ever handles ciphertext. The encryption key lives exclusively in the URL hash fragment (
#key=...), which browsers never transmit in HTTP requests. The relay is cryptographically unable to read your data. - URL Hash Fragment Anchoring: The decryption key is appended after the
#in the URL. Per RFC 3986, the fragment identifier is stripped by the user agent before the request is sent. Even a fully compromised relay with packet capture sees nothing usable.
Threat Scenarios
- Compromised Relay: An attacker with root access to the edge function sees only AES-256-GCM ciphertext. Without the key (which never touches the server), decryption requires brute-forcing a 256-bit keyspace — computationally infeasible.
- Network MITM: All transport is over TLS 1.3. Even if TLS is stripped, the attacker obtains ciphertext without the hash fragment key. The payload is doubly protected: transport encryption + application-layer encryption.
- Timing / Replay Attacks: Single-use semantics eliminate replay. The 5-minute TTL bounds the attack window. Token entropy (6-digit numeric, ~20-bit keyspace) is acceptable given the burn-after-reading constraint — an attacker has at most one guess per token before it self-destructs or expires.
04 // CRYPTOGRAPHIC SCHEME
For browser-to-browser transfers, copypaste.fyi implements end-to-end encryption using the Web Crypto API. The cryptographic pipeline has three stages:
A 256-bit random seed is generated via crypto.getRandomValues(new Uint8Array(32)). If a passphrase is provided, the key is derived using PBKDF2 with a cryptographically random 16-byte salt and 100,000 iterations of SHA-256. The iteration count is deliberately high to make offline brute-force attacks against weak passphrases computationally expensive.
Plaintext is encrypted using AES-256 in Galois/Counter Mode. A fresh 12-byte initialization vector (IV) is generated for each encryption operation via crypto.getRandomValues(new Uint8Array(12)). GCM mode produces both the ciphertext and a 128-bit (16-byte) authentication tag that guarantees integrity — any tampering with the ciphertext or IV causes decryption to fail with a DOMException.
The derived key is Base64url-encoded and appended to the share URL as a hash fragment: https://copypaste.fyi/829-104#key=.... Because RFC 3986 §3.5 specifies that the fragment is processed client-side only, no HTTP request — including the initial page load — ever contains the key. The server stores only the IV and ciphertext. Decryption happens entirely in the receiver's browser.
05 // EDGE ARCHITECTURE
The relay runs on Vercel Edge Functions backed by Upstash Redis — a globally replicated, serverless key-value store with native REST API access from edge runtimes. There is no origin server. Every request is handled at the nearest edge PoP (Point of Presence), typically within 20ms of the client.
Tokens are formatted as XXX-XXX — two groups of three random digits separated by a hyphen. This gives a keyspace of 10⁶ (one million) possible tokens, which is more than sufficient for the expected volume of concurrent, short-lived snippets. The format is optimized for verbal communication and fast typing.
The Redis operations use pipelined transactions to guarantee atomicity. On retrieval, the edge function executes GET and DEL in a single pipeline call — the snippet is read and destroyed in one atomic round-trip. This eliminates race conditions where two simultaneous readers could both receive the payload.
Because edge functions are stateless and Redis handles all persistence, horizontal scaling is automatic. There are no warm-up penalties, no cold-start containers, and no connection pooling issues — Upstash exposes a REST-over-HTTPS interface that works natively from edge runtimes without TCP socket overhead.
06 // CLI INTEGRATION
The primary interface is curl. No CLI binary to install, no package manager, no dependencies. If you have curl (and you do), you have a clipboard relay.
Sending a snippet
$ echo 'DATABASE_URL=postgres://...' | curl -F 'file=@-' https://copypaste.fyiPiping from a command
$ kubectl logs deploy/api --tail=500 | curl -F 'file=@-' https://copypaste.fyiReceiving on another machine
$ curl https://copypaste.fyi/829-104Piping into clipboard (macOS)
$ curl -s https://copypaste.fyi/829-104 | pbcopyThe API is intentionally minimal. POST with a multipart/form-data body to upload; GET with the token path to download. No API keys, no OAuth, no headers to remember. The token itself is the sole authentication factor — knowing it grants exactly one read, then the snippet is gone.
07 // INTERACTIVE PROTOCOL PLAYGROUND
The interactive panel below simulates the full cryptographic lifecycle of a clipboard snippet. You can trigger transmissions, inspect ciphertexts, and watch payloads self-destruct in real time:
- Double-Helix Key Exchange (KEX): The first phase demonstrates the Diffie-Hellman-style handshake. Hovering Sender A renders the public-key generation parameter and a rotating vector arrow visualizing elliptic curve point multiplication.
- Cryptographic Storage (SEAL): The second phase simulates symmetric encryption. Hovering RELAY reveals its zero-knowledge architecture — a secure encrypted payload grid and locked data tooltip showing that the relay holds only ciphertext.
- Manual Self-Destruction (BURN): Hovering Receiver B details receipt token validation. Clicking Box B triggers the 50-spark physics-based self-destruction explosion, demonstrating immediate memory erasure.
- Time-To-Live Countdown (TTL): The TTL bar stretches across the right quadrant. Hovering displays a reset countdown prompt, and clicking the TTL bar resets the timer with a flash — simulating the expiry mechanism.
08 // OPERATIONAL METRICS
Performance characteristics measured across production traffic:
8ms — median round-trip for upload + KV write from US-East clients. Edge proximity dominates; the Redis REST call is typically under 2ms.
<20ms — tail latency stays tight because there are no cold starts (edge functions), no connection pools, and no origin round-trips.
512 KB — enforced at the edge function layer. Enough for config files, logs, and code snippets. Not designed for binary blobs or media.
<1ms — AES-GCM via Web Crypto runs on hardware-accelerated AES-NI in modern browsers. PBKDF2 key derivation adds ~80ms (deliberate).
30+ regions— Vercel's edge network spans every major continent. Clients are routed to the nearest PoP via anycast DNS.
10⁶ — the XXX-XXX format yields one million possible tokens. With a 5-minute TTL, collision probability is negligible at expected volumes.
09 // CONCLUSION & REPOSITORIES
copypaste.fyi exists because the clipboard should be a pipe — fast, ephemeral, and private. It reduces the copy-from-remote-server problem to a single curl invocation with zero configuration overhead. The security model ensures that even a fully compromised relay learns nothing: all it ever touches is ciphertext bound by a 5-minute TTL and a single-use constraint.
The architecture is deliberately minimal: two edge function endpoints, one Redis instance, no accounts, no persistent storage. Complexity is the enemy of security, and this system has almost no surface area to attack.
Source code: github.com/qxlsz/copypaste.fyi — Live at copypaste.fyi.