FOR DEVELOPERS

Protect the data. Yours and your customers'.

One API that encrypts, proves, and delivers sensitive data. Your code is protected from line one. Your customers get real privacy. The server sees nothing.

🔐

Encrypt .env in one command

🔍

51 SOC controls in browser

🔗

Webhooks + integrations

✅

HMAC proof chain

demo — encrypt

DEMO

▊

Encrypt secrets in one command. Nothing leaves your machine.1/5

Get API key — free Dashboard

100 actions/day. Free forever. No signup.

What you get

+ Encrypt .env + secrets in one command

+ 51 SOC controls scanned in browser

+ Encrypted webhooks for every event

+ SDK + REST API + Claude integration

+ HMAC proof chain for every action

+ Zero data with us, all encrypted at yours

What your customers get

+ Real privacy, not just a promise

+ Cryptographic proof for every data access

+ Burn-after-read links

+ Encrypted fields in any form (Mask)

+ E2E secure communication channel

+ Anonymous report box

WHAT IS CAPSULE FOR DEVELOPERS?

When you need to see sensitive data — production logs, secrets, DB results, API keys — Capsule lets you do it without opening the whole system and without creating exposure risk.

📦

Isolated environment

See only what's needed

🕵️

Zero Knowledge

No server sees it

✅

Cryptographic proof

Every view is logged

💨

Open. View. Gone.

Zero residue

⚡ Example — production crash

The app crashed. You need to check secret values and analyze the scenario. Instead of sharing credentials, touching servers or exposing tokens — you open a Capsule, see what you need, and the frame closes. All data disappears and isn't stored.

capsule in action

// Encrypt a field — zero knowledge
const result = await fetch("/api/v1/encrypt", {
  body: JSON.stringify({ field: "ssn", value: "123-45-6789" })
})
// Response — ciphertext stays in YOUR database
{ ciphertext: "aes256gcm:v1:...", audit_id: "aud-a7f3" }
// Decrypt inside a Capsule — logged, proven, gone
await fetch("/api/v1/decrypt", {
  body: JSON.stringify({ ciphertext, requester: "agent_42" })
})
// ✓ Decrypted. ✓ Proof: HMAC-SHA256. ✓ Zero retained.

Capsule lets you inspect sensitive data safely — isolated, private, and with cryptographic proof — without exposing your system or secrets.

Open. View. Gone.

API Reference

4 endpoints. Blind relay. Zero storage.

TOOLS🔑Get API Key 📦SDK 📊Dashboard 🤖Claude 🔐Secret Capsule 🔍Scan

Quick Reference

CLICK TO COPY

🔐Encrypt FieldPOST /api/v1/encryptAPI

🔓Decrypt FieldPOST /api/v1/decryptAPI

📨Secure DeliveryPOST /api/v1/deliverAPI

📋Audit EvidenceGET /api/v1/evidenceAPI

💬Encrypted Chat/chatlink

🔒Secure Channel/secure-channellink

🏠Encrypted Room/roomlink

📮Report Box/report-box/createlink

🛡️Link Scanner/link-checkerlink

📧Email Security/email-auditlink

🔍SOC Diagnosis/soc-scanner/runlink

Click any row to copy code. All tools work on the same principle: browser encryption → blind server → deleted.

One API — every use case

The same /encrypt works from everywhere. The button the user clicks determines the action — the system just encrypts and forgets.

Send password to friend
Encrypted Chat → encrypt() → store → display → delete
Contract to lawyer
Secure Channel → encrypt() → link + OTP → view → burn
Team room
Encrypted Room → encrypt() → broadcast → TTL → delete all
Encrypt DB field
API → encrypt() → ciphertext → store in YOUR DB

The button decides. The system is blind. Same engine.

Base URL: https://www.nodatacapsule.com/api/v1

Authentication

Every request requires a Bearer token in the header. Create a key at /get-started

Authorization header

Authorization: Bearer sk_live_a7f3e9c2d1b8f45e6a9c...

Rate limit: 60 req/min · Daily quota: 500 req (Free tier)

Endpoints

Encrypt a sensitive field value. Returns ciphertext to store in YOUR database. NoData stores nothing.

Required scope: encrypt

Request

curl -X POST /api/v1/encrypt \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "field": "phone",
    "value": "+972501234567",
    "context": "customer_record"
  }'

Response

{
  "success": true,
  "ciphertext": "aes256gcm:v1:iv...:cipher...:key...",
  "field": "phone",
  "audit_id": "aud-a7f3e9c2d1b8",
  "algorithm": "AES-256-GCM",
  "note": "Store the ciphertext in YOUR database."
}

Error Codes

400Bad request — missing or invalid parameters
401Invalid or missing API key
403Key revoked or missing scope
429Rate limit or daily quota exceeded
500Server error — retry or contact support

Privacy & Security

Zero-knowledge: NoData doesn't store your data, keys, or content. Everything passes through and is wiped.
Audit trail: Metadata only — who, when, what action, what field. Never the content.
Encryption: AES-256-GCM · RSA-4096 · HMAC-SHA256
API keys: Hashed on server. Even we can't see your key.

Integration

TypeScript? Install our SDK. Other language? Any HTTP client works:

Node.js / TypeScript (SDK)

import { NoData } from '@nodatachat/sdk';

const nd = new NoData({ apiKey: 'sk_live_...' });
const { ciphertext } = await nd.encrypt({ field: 'ssn', value: '123-45-6789' });
// Store ciphertext in your DB — NoData stores nothing

Node.js / TypeScript (raw fetch)

const res = await fetch("https://www.nodatacapsule.com/api/v1/encrypt", {
  method: "POST",
  headers: {
    "Authorization": "Bearer sk_live_...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ field: "ssn", value: "123-45-6789" }),
});
const { ciphertext } = await res.json();
// Store ciphertext in your DB — NoData stores nothing

Python

import requests

res = requests.post("https://www.nodatacapsule.com/api/v1/encrypt",
    headers={"Authorization": "Bearer sk_live_..."},
    json={"field": "ssn", "value": "123-45-6789"})

ciphertext = res.json()["ciphertext"]
# Store ciphertext in your DB — NoData stores nothing

cURL

curl -X POST https://www.nodatacapsule.com/api/v1/encrypt \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{"field":"ssn","value":"123-45-6789"}'

WORKBENCH

Developer Workbench

Encrypt, deliver, audit — all from one screen with one-click copy.

→

CLAUDE CODE

Automatic encryption from Claude Code

One-line install. All sensitive data encrypted before reaching AI.

→

SDK v1.0

npm install @nodatachat/sdk

M2M kit. 5 lines. Zero deps. Blind encryption, secure channels, batch ops, Express & Fastify plugins.

→

Get API key — free

100 calls/month free. No signup. No credit card.

🚀

Install Capsule

Choose your level