Back to Projects
Raven Zero
Backend
Security
DevOps

Raven Zero

Ephemeral by design, private by default, open by principle.

Web API GitHub

Overview

Raven Zero is a RESTful API for ephemeral file sharing, accompanied by a modern and fully functional web client. The backend is built with FastAPI and offers AES-128 encryption, while the Astro frontend allows any user to upload and download files without registration. No tracking, no cookies — just secure temporary transfer.

The Problem

Transferring sensitive data between devices securely is challenging. Traditional cloud storage services expose data to third parties, email leaves permanent traces, and most file sharing services keep files indefinitely. Existing solutions like Data Dead Drop are no longer available.

  • Traditional cloud services (Dropbox, Google Drive) keep files indefinitely with full content access
  • Email and messaging leave permanent traces of sensitive files
  • WeTransfer requires email and has 7-day retention with no self-hosting option
  • Data Dead Drop (project inspiration) was discontinued
  • Need to transfer API keys, tokens, and configs securely and temporarily

The Solution

Raven Zero fills this gap: ephemeral by design, encrypted at rest, self-hostable, and open source. The project includes a robust RESTful API built with FastAPI and a modern web client developed in Astro that allows any user to upload and download files intuitively. Files are automatically deleted by time (max 60 minutes) or by download count (max 5).

  • FastAPI backend with modular architecture and design patterns (Repository, Strategy, DI)
  • Astro web client with modern, responsive interface and smooth user experience
  • AES-128 encryption with Fernet for all files at rest
  • 3-word Diceware keys for readable and memorable URLs (38.9 bits entropy)
  • Secure deletion with byte overwriting (shredding) before removal
  • Redis with native TTL for ephemeral metadata
  • SHA-256 integrity verification on every download
  • RESTful API with interactive documentation (Scalar/Swagger)
  • Anti brute-force protection with IP blocking

Key Features

Auto-destruction

Files automatically expire by time (1-60 min) OR by download count (1-5 uses).

Encryption at Rest

All files are encrypted with AES-128 (Fernet) before being saved to disk.

Diceware Keys

Readable URLs like 'apple-banana-cherry' with 470 billion combinations.

Secure Deletion

Files are overwritten with random bytes before deletion (configurable shredding).

Integrity Verification

SHA-256 hash verified on every download to ensure the file wasn't tampered with.

No Registration

Completely anonymous. No accounts, no tracking, no cookies, no analytics.

Tech Stack

Backend:
Python 3.13 FastAPI Uvicorn Pydantic
Storage:
Redis/Valkey Encrypted Filesystem Secure Shredding
Security:
Fernet (AES-128-CBC) SHA-256 python-magic Slowapi
Infrastructure:
Docker Docker Compose uv (package manager)

Project Info

Type
Backend API
Year
2025
Team
Personal Project
Duration
2 weeks

Screenshots

API Documentation with Scalar
API Documentation with Scalar
Functional Documentation
Functional Documentation
File Upload Input
File Upload Input
File Preview, Download and Status Input
File Preview, Download and Status Input
Upload Page Success
Upload Page Success
File Preview Page
File Preview Page
File Download Page
File Download Page
Health Page
Health Page

Other Projects

ISG Iadov
Research
Mobile
Desktop

ISG Iadov

Flutter SQLite Google Forms
Booking Management System
Web
Backend
DevOps

Booking Management System

Next.js FastAPI PostgreSQL Docker
Luna de Plata
Frontend
CMS

Luna de Plata

Astro React Sanity CMS
View All Projects