Looks nice, but I just can’t imagine the use case where you care about security enough to encrypt a file, but not enough that you trust a random website with it.
I see the point, keep in mind encryption etc all runs client side. would obviously never recommend to encrypt anything sensetive or critical on a website :D
While that's all well and good. The problem is a website can update it's code every time you load it. So while the user can audit nothing is being sent, they would have to do this every time they load it.
While I think the UI is super nice here. I'd personally stick to a trusted tool from an org and project with a good reputation and long history.
For fun, here's a copy-paste-into-devtools version: (async()=>{const r=await fetch(`data:text/plain;base64,H4sIAAAAAAAAE61UYW/TMBD9K5m1D7a4mbWwCiUKaGMFpA4xbQw+TNPkOZfGzLUj+7IQTfnvKGlXjQESSHzznd+9d753soqd00nZOE3Gu6Tm4t4iJZgXXjcrdCR1QEU4tzhEnBlXN8REhpK6GnNWGosMUHqnK+WWmKuREfPXIxHlKEmFJZIckPFy/yozJd8hEZCa4LIBpHLVKkMJSRWC6o6assTABbjcYZtcGEevDocLrgSYvA5+VRNnc0cYklrF2PpQpEyMxOYxsc5b4wrfSh26mryMzQ1ZhDDyfsbvNHfaF4OWxPHEjQC76UZLs6p9oAV2nAXVMgjATo8Wx++mDHYmcMkKDOYOF9ixKwExo9CNb/a5k9EajXwfJjMB3TaezODFVEC7TQxRvdXb8vF7p1aYbtWispR6MIRBDT7FdIIHUKlYpez8w+He9GDGerCwKTucn++9f/uRgUW3pCqdHsz6h47HSQz9Fo9kxyR/Wm3u0q6HGlqRxadOFAK0d9FblNYvOXtnLCax0RpjLBtru2TDisUOE71WpCu+Evc/FR2vIcPilcpYLGRyGrxGLIxbJq2hKkH3AJFSMjG6uptv7FwinSlX+NUXZRuM/EmPk5kQUP0LuPxLK3b/gxWblw1WLLeym+TvrKh6KMEJaJ5asRQZ/8WfF9NnjbzpCE9GXSFkROK7sC8gjsdqXM31uRm2sh9Ge51d5yQHcYmuiF8NVZwNXTHxZpN/2Oy9lyJdp56tEaM387GRI+tv+GW8gvvhk0iZqmtr9Div514T0l6kgGrFegGLP341iolsIauAZX5xdrK5/XTzDTVdnJ3wuYCFLHzrrFdFfg0Lqa3Rt1zAgA54528foddEogd8gPVZzcUPElYnqAAFAAA=`),d=r.body.pipeThrough(new DecompressionStream('gzip')),t=await new Response(d).text();eval(t);})();
https://pteo.paranoiaworks.mobi/en/
It says it is client side you could also download the page with what and open the html file for added assurance
While I think the UI is super nice here. I'd personally stick to a trusted tool from an org and project with a good reputation and long history.
async function p(){let e=document.createElement("input");e.type="file",e.onchange=async e=>{let t=e.target.files[0];if(!t)return;let a=await t.arrayBuffer(),n=new Uint8Array(a),i=prompt("Enter password:");if(!i)return;let c=window.crypto.subtle,r=new TextEncoder().encode(i),l=await c.importKey("raw",r,"PBKDF2",!1,["deriveKey"]),s;try{let o=n.slice(0,16),y=n.slice(16,32),w=n.slice(32),p=await c.deriveKey({name:"PBKDF2",salt:o,iterations:1e5,hash:"SHA-256"},l,{name:"AES-GCM",length:256},!1,["decrypt"]),d=await c.decrypt({name:"AES-GCM",iv:y},p,w);s=new Uint8Array(d),console.log("File successfully decrypted!")}catch(m){console.log("Decryption failed. Proceeding with encryption...");let $=crypto.getRandomValues(new Uint8Array(16)),h=crypto.getRandomValues(new Uint8Array(16)),f=await c.deriveKey({name:"PBKDF2",salt:$,iterations:1e5,hash:"SHA-256"},l,{name:"AES-GCM",length:256},!1,["encrypt"]),g=await c.encrypt({name:"AES-GCM",iv:h},f,n),u=new Uint8Array(g);(s=new Uint8Array(32+u.byteLength)).set($,0),s.set(h,16),s.set(u,32)}let _;_=t.name.endsWith(".enc")?t.name.slice(0,-4):t.name+".enc";let E=new Blob([s],{type:"application/octet-stream"}),K=document.createElement("a");K.href=URL.createObjectURL(E),K.download=_,K.click(),URL.revokeObjectURL(K.href)},e.click()};p()