wormhole.page

End-to-end encrypted file transfer in the browser. Drop a file, share the code, done.

Built on Magic Wormhole — fully interoperable with the standard wormhole and wormhole-rs CLIs. Your files never touch the server.

Live at wormhole.page

How it works

Your browser runs a full Magic Wormhole client via WebAssembly (compiled from wormhole-rs). SPAKE2 key exchange and NaCl SecretBox encryption happen entirely client-side — the server only serves static files and bridges WebSocket transit to the public relay.

Browser ──WSS──▶ mailbox relay    (SPAKE2 key exchange)
Browser ──WS───▶ our server ──TCP──▶ transit relay  (encrypted data)
CLI ────────────────────TCP────────▶ transit relay  (encrypted data)

The server cannot decrypt your files. It sees only encrypted transit traffic.

Usage

Browser → CLI

Open wormhole.page
Drop a file
Share the code with the receiver
Receiver runs: wormhole-rs receive <code>

CLI → Browser

Run: wormhole-rs send myfile.txt
Open wormhole.page
Enter the code and click Receive

Browser → Browser

Open wormhole.page in two tabs (or two devices). Send in one, receive in the other.

Self-hosting

wormhole.page is a single binary (~5 MB) with zero external dependencies.

One-click deploy

Docker Compose

docker compose up

This builds the image locally from the Containerfile and starts the server on port 8080. See docker-compose.yml for configuration options.

Container

podman build -t wormhole-page .
podman run -p 8080:8080 wormhole-page

From source

Requires Rust 1.94+ and wasm-pack.

git clone https://github.com/lucamartinetti/wormhole-page.git
cd wormhole-web
make build
make run

Configuration

wormhole-page-server [OPTIONS]

  --port PORT              Listen port (default: 8080, env: PORT)
  --static-dir DIR         Static files directory (default: static/, env: STATIC_DIR)
  --transit-relay ADDR     Upstream transit relay (default: transit.magic-wormhole.io:4001, env: TRANSIT_RELAY)

Client-side overrides

The WASM client reads optional globals from window before connecting. Set them in a <script> tag before the app loads:

<script>
  window.WORMHOLE_TRANSIT_RELAY = 'wss://my-relay.example.com/transit';
  window.WORMHOLE_MAILBOX_URL   = 'wss://my-mailbox.example.com/v1';
</script>

Variable	Default	Purpose
`WORMHOLE_TRANSIT_RELAY`	`wss://<host>/transit`	WebSocket URL for the transit relay bridge
`WORMHOLE_MAILBOX_URL`	`wss://relay.magic-wormhole.io:443/v1`	Mailbox (rendezvous) relay for SPAKE2 key exchange

License

MIT

Name		Name	Last commit message	Last commit date
Latest commit History 130 Commits
.claude/skills/pre-release-e2e		.claude/skills/pre-release-e2e
.github/workflows		.github/workflows
crates		crates
docs		docs
static		static
tests/e2e		tests/e2e
.gitignore		.gitignore
Cargo.lock		Cargo.lock
Cargo.toml		Cargo.toml
Containerfile		Containerfile
Makefile		Makefile
README.md		README.md
TODOS.md		TODOS.md
docker-compose.yml		docker-compose.yml
fly.toml		fly.toml
package-lock.json		package-lock.json
package.json		package.json
playwright.config.ts		playwright.config.ts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

wormhole.page

How it works

Usage

Browser → CLI

CLI → Browser

Browser → Browser

Self-hosting

One-click deploy

Docker Compose

Container

From source

Configuration

Client-side overrides

License

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

wormhole.page

How it works

Usage

Browser → CLI

CLI → Browser

Browser → Browser

Self-hosting

One-click deploy

Docker Compose

Container

From source

Configuration

Client-side overrides

License

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages