Developer Tools●Mid
React-container-kit – named React providers and provider composition
DevTools-friendly named providers beat generic Provider wrappers, but unstated-next is niche.
CozyNiche Gem
harveyrandall
102mo ago
Back to browse
GitHub Repository
Kurpod is an encrypted file storage system with plausible deniability features. It's self-hosted, open source.
160 starsJavaScript
Kurpod – an encrypted OSS "container file" you can name vacation.jpg
by Tsarp·Feb 13, 2026·1 point·0 comments
AI Analysis
●●●BangerZero to OneBold BetWizardry
Dual-password encrypted blobs look innocent but hide real data inside.
Strengths
- •Genuine cryptographic novelty: XChaCha20-Poly1305 + Argon2id with compartmentalized volumes is architecturally clever
- •Single ~2.5MB Rust binary with no external dependencies makes deployment friction-free
- •Solves real-world coercion scenario (forced unlock) that mainstream encrypted storage ignores entirely
Weaknesses
- •Filename disguise explicitly isn't steganography—`file` command exposes it as encrypted data, limiting threat model
- •Early-stage code (author flags bugs/unaudited); no security audit or third-party cryptographic review yet
Category
Target Audience
Privacy-conscious users, journalists, activists, people in high-surveillance contexts
Similar To
VeraCrypt · Cryptomator · TrueCrypt
Post Description
I built Kurpod: a self-hosted file vault that stores many files inside a single encrypted blob you can name like an innocent file (e.g., “vacation.jpg”).
The twist: the same blob supports two passwords: - Password #1 unlocks a decoy volume (harmless files) - Password #2 unlocks a hidden volume (the real stuff)
Diagram: my_vacation.jpg (really an encrypted blob)
├─ pw1 → standard volume (decoy)
└─ pw2 → hidden volume (real)
Important: this is filename disguise, not steganography / real file-format mimicry. If someone runs `file`, it won’t look like a JPEG.Crypto primitives: Argon2id for KDF + XChaCha20-Poly1305 for encryption.
Quick start (Docker): docker run -p 3000:3000 -e BLOB_DIR=/data -v ./data:/data ghcr.io/srv1n/kurpod-server:latest open http://localhost:3000
Demo video: https://github.com/user-attachments/assets/d47b10cf-c38e-47e...
It’s an early release (expect bugs / not audited). I’d love feedback on:
1) threat model: what this protects well vs. where it’s weak
2) plausible-deniability ergonomics: what user mistakes would ruin the “decoy” story?
3) file format / crypto review: anything obviously dumb or dangerous?
Similar Projects
Security●●Solid
VeilVault – an Android password manager built to stay local
Decoy Vault and PanicHold features add real spy-movie utility to local storage.
Dark HorseNiche Gem
codeveil
112mo ago
Security●Mid
Paranoid Qrypto Offline/air-gapped/encryption(Argon2id+AES-256-GCM)
Air-gapped QR-code encryption, but paid tiers ($99+) for basic features existing tools offer.
Bold Bet
ParanoidQrypto
103mo ago
Security●●Solid
Local Vault – AES-256-GCM password manager in a single HTML file
One encrypted .vault file you carry anywhere with zero dependencies.
CozyNiche Gem
frederic123
102mo ago
Productivity●Mid
VaultNote – Local-first encrypted note-taking in the browser
Local-first AES encryption notes, but crowded space with Obsidian, Notion, Logseq alternatives.
CozySolve My Problem
powerwild
313mo ago
Security●●●Banger
DeadSwitch – Encrypted USB vault with dead man's switch
Solves $120B Bitcoin inheritance problem with USB-only, one-time payment model.
Solve My ProblemSlick
chuckgreve
223mo ago