PostGuard.eu is a solution that allows you to easily share files with end-to-end encryption, directly in the web browser. This is made possible by a Rust codebase compiled to WebAssembly, so users do not need to install any additional software. The project addresses an essential need: secure data exchange that both organizations and individuals can trust.
The Need for Secure Data Exchange
The urgency for better solutions is clear. Even market leaders in secure communication have recently been in the news for the wrong reasons. For example, Zivver—known for encrypted email services—came under scrutiny after being acquired by the American company Kiteworks. An investigation by Follow the Money warned that this could bring sensitive Dutch data under U.S. jurisdiction. The Dutch Parliament even raised questions about the matter; concerns were expressed that confidential information sent via Zivver could now end up in foreign hands. Popular file-sharing services are also under fire. WeTransfer recently caused controversy by introducing new terms that granted the company a “perpetual, worldwide license” to use shared files, for example for AI training or even resale. After heavy criticism, WeTransfer was forced to retract the most controversial clauses—but the damage to user trust was done.
Such developments show how vulnerable existing so-called “secure” services can be. Organizations and citizens alike are seeking alternatives that truly meet high standards of privacy and security. This is where PostGuard comes in as a future-proof solution.
What Is PostGuard?
PostGuard is an innovative open-source encryption protocol based on Identity-Based Encryption (IBE). Instead of exchanging traditional public keys, IBE uses the recipient’s identity to encrypt a message. The sender only needs the master public key and the recipient’s ID; the recipient then proves their identity via a Private Key Generator (PKG) and receives the decryption key to unlock the file.
A crucial feature of PostGuard is that it integrates identity verification into the encryption process. By default, this uses Yivi—the privacy-friendly identity platform we developed. In practice, this means the recipient can securely identify themselves using the Yivi app before gaining access to the encrypted data. Sensitive attributes (such as name or email address) that form the user’s identity remain on the phone and are only shared with explicit consent. Thanks to this combination of strong identity and encryption, senders can be certain that only the intended recipient can decrypt the file.
Technically, PostGuard runs entirely in the browser. Its cryptographic core is written in Rust and made available to web applications via WebAssembly. This provides two major advantages: first, files are encrypted and decrypted within the user’s browser, ensuring that no intermediary— not even the server—can access the contents. Second, it’s user-friendly: no separate software or plug-ins are needed; a modern browser is enough.
PostGuard for Business – Our Plans
The Yivi team will continue to develop and expand PostGuard for business use. Under the name PostGuard for Business, we’ll soon introduce additional functionality that enables organizations to exchange files securely and conveniently. Some key elements of this proposition include:
- Strong recipient identification: Through integration with Yivi, organizations can be certain who downloads a file. Only verified recipients (such as a client, patient, or partner) gain access, preventing misuse or unauthorized access.
- End-to-end encryption in the browser: Every file is encrypted before leaving the sender’s browser and remains encrypted until the authenticated recipient decrypts it in their own browser. This guarantees that confidential data cannot be read in transit or in the cloud—not even by storage administrators.
- Business-to-Consumer integration: The solution is designed to work seamlessly in B2C scenarios. For instance, an organization can securely send documents to a customer, who decrypts them at home in their browser after identification. Even without technical expertise, the process remains simple: a QR code or link and the Yivi app are all that’s needed to gain access.
In short, PostGuard for Business combines the best of both worlds: the robust privacy-by-design architecture expected of an open-source E2EE solution, and the practical features required in a professional setting.
Conclusion
With the development of PostGuard (for Business), we aim to meet the growing demand for reliable, user-friendly, and fully secure ways to share data. Recent incidents involving established services underline the need for a new approach—one that provides trust through transparency and security by design.
We are excited about the potential of PostGuard and the role Yivi plays in it. In the coming period, we will keep the community updated on our progress. If you are interested in contributing ideas or wish to be among the first organizations to benefit from PostGuard for Business, we would love to hear from you. Together, we can build a future where secure digital communication is the norm.