Kutup

End-to-end encrypted · self-hosted · real-time collab

The end-to-end encrypted Drive

An end-to-end encrypted drive you run yourself. Files, notes, office docs, and whiteboards — everything is encrypted in your browser before it leaves the page.

Self-host Kutup Download apps
Kutup Drive interface

Zero-knowledge server

Keys are derived in your browser from your password and recovery phrase. The server stores ciphertext it can never read.

Collaboration, still encrypted

Real-time editing without giving up E2EE — the relay routes opaque, signed frames and never sees content.

Yours to run & federate

One Docker Compose stack. Share folders across Kutup servers without either backend seeing plaintext.

What’s inside

One encrypted workspace for everything

Files, notes, code, spreadsheets, slides, and whiteboards — all under the same hard-baked encryption boundary.

Files the server can’t read

Nested folders, drag-and-drop uploads, share links, and per-user permissions. Filenames and folder structure are encrypted too.

Kutup Drive — file browser with folders, uploads, and storage quota

Live notes & code

CodeMirror 6 + Yjs for Markdown and 20+ code languages, with live multi-user cursors. Every edit reaches the server as ciphertext.

Notes editor — CodeMirror with version-history sidebar

Office docs, fully client-side

.docx, .xlsx, and .pptx open in OnlyOffice running entirely in your browser. Live presence, formulas, charts — never decrypted server-side.

Spreadsheet editor with conditional formatting

Whiteboards

Excalidraw canvases with live sync — wrapped in the same encrypted envelope as everything else.

Excalidraw whiteboard

Version history on every file

Every save is a snapshot. Scroll back and restore from the History sidebar in any editor.

Version history sidebar

You own your keys

Per-device keys you can revoke, a 24-word recovery phrase, and optional 2FA. Nothing secret ever reaches the server.

Settings — devices and presence color
Explore all features

Architecture in 30 seconds

The relay routes ciphertext it can never decrypt

Every collab frame is encrypted in the browser, signed with a per-device Ed25519 key, and sent through an opaque WebSocket relay.

Browser A

AEAD-encrypt + sign the update with a per-device Ed25519 key.

Rust relay

ciphertext only

Verify the signature, route by file, persist and broadcast — bytes unchanged.

Browser B

Verify, decrypt, and apply. Per-file keys derive from the collection master key.

Full key hierarchy, login flow, federation model, and wire spec live in the documentation ↗.

Built on

A pragmatic, auditable stack

Rust · Axum PostgreSQL 16 React 18 · TypeScript · Vite libsodium · XChaCha20-Poly1305 Yjs CRDT OnlyOffice Excalidraw Tauri 2 SeaweedFS Docker Compose

Inspired by great open-source projects: OnlyOffice · CryptPad · Ente · Excalidraw

Run your own encrypted Drive today

Clone the repo, fill in a few secrets, and docker compose up. You’re the only one who can read your data.

Get started View source ↗