Paaster is a secure by default end-to-end encrypted pastebin built with the objective of simplicity.

Overview

Follow the development of our desktop client here

Paaster

Paaster is a secure by default end-to-end encrypted pastebin built with the objective of simplicity.

Preview

Video of paaster in action! Mobile preview

Features

Looking to build a client for paaster?

Check out our Integration documentation

Security

What is E2EE?

E2EE or end to end encryption is a zero trust encryption methodology. When you paste code into paaster the code is encrypted locally with a secret generated on your browser. This secret is never shared with the server & only people you share the link with can view the paste.

Can I trust a instance of paaster not hosted by me?

No. Anyone could modify the functionality of paaster to expose your secret key to the server. We recommend using a instance you host or trust.

How are client secrets stored?

Client-sided secrets are stored in localStorage on paste creation (for paste history.) Anything else would be retrievable by the server or be overly complicated. This does make paaster vulnerable to malicious javascript being executed, but this would require malicious javascript to be present when the svelte application is built. If this was the case you'd have bigger issues, like the module just reading all inputs & getting the plain text paste.

How are client secrets transported?

Paaster uses URI fragments to transport secrets, according to the Mozilla foundation URI fragments aren't meant to be sent to the server. Bitwarden also has a article covering this usage here.

How are server secrets stored?

Server-sided secrets are stored in localStorage on paste creation, allowing you to modify or delete pastes later on. Server-sided secrets are generated on the server using the python secrets module & are stored in the database using bcrypt hashing.

Cipher

paaster is built using the forge module, using AES-256 in CBC mode with PKCS7 padding & PBKDF2 key derivation at 50,000 iterations. More details are located in our Integration documentation.

Shortcuts

  • Ctrl+V - Paste code.
  • Ctrl+S - Download code as file.
  • Ctrl+A - Copy all code to clipboard.
  • Ctrl+X - Copy URL to clipboard.

Requesting features

  • Open a new issue to request a feature (one issue per feature.)

What we won't add

  • Paste editing.
    • paaster isn't a text editor, it's a pastebin.
  • Paste button.
    • paaster isn't a text editor, when code is inputted it will always be automatically uploaded.
  • Optional encryption.
    • paaster will never have opt-in / opt-out encryption, encryption will always be present.

Setup

Production with Docker

  • git clone --branch Production https://github.com/WardPearce/paaster
  • Configure docker-compose.yml
  • Proxy exposed ports using Nginx (or whatever reverse proxy you prefer.)
  • FRONTEND_PROXIED should be the proxied address for "paaster_frontend". E.g. for paaster.io this is "https://paaster.io"
  • VITE_BACKEND should be the proxied address for "paaster_starlette". E.g. for paaster.io this is "https://api.paaster.io"
  • sudo docker-compose build; sudo docker-compose up -d

Using Rclone

Using rclone with Docker Compose

Basically the most important part is to install fuse, create /var/lib/docker-plugins/rclone/config & /var/lib/docker-plugins/rclone/cache, install the docker plugin docker plugin install rclone/docker-volume-rclone:amd64 args="-v" --alias rclone --grant-all-permissions, configure the rclone.conf for the storage service you want to use & then configure your docker compose to use the rclone volume. Example rclone docker compose.

Production without docker

This setup is not recommended & requires more research / knowledge.

  • git clone --branch Production https://github.com/WardPearce/paaster.
  • cd paaster-frontend
  • Create .env
    • VITE_NAME - The name displayed on the website.
    • VITE_BACKEND - The URL of the API.
  • Install nodejs
    • npm install
    • npm run build
  • Serve files generated in dist with Nginx (or whatever reverse proxy you use.)
  • cd paaster-backend
  • Install Python 3.7+
    • pip3 install -r requirements.txt
    • Configure main.py following the guide for uvicorn.
  • Pass environmental variables
    • REDIS_HOST
    • REDIS_PORT
    • MONGO_IP
    • MONGO_PORT
    • MONGO_DB
    • FRONTEND_PROXIED - The URL of the Frontend.
  • Proxy port with Nginx (or whatever reverse proxy you use.)

Development

  • git clone https://github.com/WardPearce/paaster.
  • cd paaster-frontend
  • Create .env
    • VITE_NAME - The name displayed on the website.
    • VITE_BACKEND - The URL of the API.
  • Install nodejs
    • npm install
    • npm run dev
  • cd paaster-backend
  • Pass environmental variables
    • REDIS_HOST
    • REDIS_PORT
    • MONGO_IP
    • MONGO_PORT
    • MONGO_DB
    • FRONTEND_PROXIED - The URL of the Frontend.
  • Install Python 3.7+
    • pip3 install -r requirements.txt
    • Run main.py
Owner
Ward
Privacy advocate & open source developer
Ward
Code and Resources for the Transformer Encoder Reasoning Network (TERN)

Transformer Encoder Reasoning Network Code for the cross-modal visual-linguistic retrieval method from "Transformer Reasoning Network for Image-Text M

Nicola Messina 53 Dec 30, 2022
PyTorch implementation of our ICCV2021 paper: StructDepth: Leveraging the structural regularities for self-supervised indoor depth estimation

StructDepth PyTorch implementation of our ICCV2021 paper: StructDepth: Leveraging the structural regularities for self-supervised indoor depth estimat

SJTU-ViSYS 112 Nov 28, 2022
Pomodoro timer that acknowledges the inexorable, infinite passage of time

Pomodouroboros Most pomodoro trackers assume you're going to start them. But time and tide wait for no one - the great pomodoro of the cosmos is cold

Glyph 66 Dec 13, 2022
Revisiting Self-Training for Few-Shot Learning of Language Model.

SFLM This is the implementation of the paper Revisiting Self-Training for Few-Shot Learning of Language Model. SFLM is short for self-training for few

15 Nov 19, 2022
Code for the Paper "Diffusion Models for Handwriting Generation"

Code for the Paper "Diffusion Models for Handwriting Generation"

62 Dec 21, 2022
an Evolutionary Algorithm assisted GAN

EvoGAN an Evolutionary Algorithm assisted GAN ckpts

3 Oct 09, 2022
WebUAV-3M: A Benchmark Unveiling the Power of Million-Scale Deep UAV Tracking

WebUAV-3M: A Benchmark Unveiling the Power of Million-Scale Deep UAV Tracking [Paper Link] Abstract In this work, we contribute a new million-scale Un

25 Jan 01, 2023
Gym Threat Defense

Gym Threat Defense The Threat Defense environment is an OpenAI Gym implementation of the environment defined as the toy example in Optimal Defense Pol

Hampus Ramström 5 Dec 08, 2022
Code release to accompany paper "Geometry-Aware Gradient Algorithms for Neural Architecture Search."

Geometry-Aware Gradient Algorithms for Neural Architecture Search This repository contains the code required to run the experiments for the DARTS sear

18 May 27, 2022
Normalization Matters in Weakly Supervised Object Localization (ICCV 2021)

Normalization Matters in Weakly Supervised Object Localization (ICCV 2021) 99% of the code in this repository originates from this link. ICCV 2021 pap

Jeesoo Kim 10 Feb 01, 2022
Deep learning PyTorch library for time series forecasting, classification, and anomaly detection

Deep learning for time series forecasting Flow forecast is an open-source deep learning for time series forecasting framework. It provides all the lat

AIStream 1.2k Jan 04, 2023
Official repository for "Exploiting Session Information in BERT-based Session-aware Sequential Recommendation", SIGIR 2022 short.

Session-aware BERT4Rec Official repository for "Exploiting Session Information in BERT-based Session-aware Sequential Recommendation", SIGIR 2022 shor

Jamie J. Seol 22 Dec 13, 2022
Towards Long-Form Video Understanding

Towards Long-Form Video Understanding Chao-Yuan Wu, Philipp Krähenbühl, CVPR 2021 [Paper] [Project Page] [Dataset] Citation @inproceedings{lvu2021,

Chao-Yuan Wu 69 Dec 26, 2022
CompilerGym is a library of easy to use and performant reinforcement learning environments for compiler tasks

CompilerGym is a library of easy to use and performant reinforcement learning environments for compiler tasks

Facebook Research 721 Jan 03, 2023
MLP-Like Vision Permutator for Visual Recognition (PyTorch)

Vision Permutator: A Permutable MLP-Like Architecture for Visual Recognition (arxiv) This is a Pytorch implementation of our paper. We present Vision

Qibin (Andrew) Hou 162 Nov 28, 2022
Deeprl - Standard DQN and dueling network for simple games

DeepRL This code implements the standard deep Q-learning and dueling network with experience replay (memory buffer) for playing simple games. DQN algo

Yao Zhou 6 Apr 12, 2020
Source code of our BMVC 2021 paper: AniFormer: Data-driven 3D Animation with Transformer

AniFormer This is the PyTorch implementation of our BMVC 2021 paper AniFormer: Data-driven 3D Animation with Transformer. Haoyu Chen, Hao Tang, Nicu S

24 Nov 02, 2022
Source Code for Simulations in the Publication "Can the brain use waves to solve planning problems?"

Code for Simulations in the Publication Can the brain use waves to solve planning problems? Installing Required Python Packages Please use Python vers

EMD Group 2 Jul 01, 2022
Code for ICCV 2021 paper "HuMoR: 3D Human Motion Model for Robust Pose Estimation"

Code for ICCV 2021 paper "HuMoR: 3D Human Motion Model for Robust Pose Estimation"

Davis Rempe 367 Dec 24, 2022