Skip to content
VoidNote
Announcement

27 February 2026

VoidNote SDKs are live — TypeScript, Python, and Go

You can now create and read self-destructing zero-knowledge notes from any script, pipeline, or AI agent — in three languages, with no API keys and no dependencies beyond the package itself.

Why SDKs?

VoidNote started as a browser tool — type a secret, get a link, share it. That covers the human-to-human case. But a large chunk of secret-sharing now happens machine-to-machine: a CI job passing a credential to a deploy script, a developer handing a key to their AI coding assistant, an automation reading an OTP from another process.

The SDKs bring the same zero-knowledge guarantee to those workflows. Encryption still happens client-side — the plaintext never leaves your process. The server receives only a lookup token and an encrypted blob it cannot decode.

The zero-knowledge model still holds

The browser UI and the SDKs use identical cryptography. When you call create():

1. 32 random bytes are generated locally → 64-char hex token

2. tokenId = first 32 chars // sent to the server as a lookup key

3. secret = last 32 chars // embedded in the returned URL, never transmitted

4. key = SHA-256(secret) // derived locally

5. ciphertext = AES-256-GCM(plaintext, key)

6. POST tokenId + ciphertext + iv // key never in the request

The URL returned by create() contains both halves of the token in the fragment. Whoever holds that URL can decrypt. Nobody else can — including us.

TypeScript / JavaScript

Works in Node.js, Bun, Deno, and the browser. Uses the native SubtleCrypto API throughout — no OpenSSL bindings, no native modules.

npm install voidnote-sdk

yarn add voidnote-sdk

// Create a self-destructing note (burns after 1 view)

import { create, read } from 'voidnote-sdk';

// Write

const url = await create('my-secret-value', { maxViews: 1 });

console.log(url); // https://voidnote.net/note/<token>

// Read (burns the note on the server)

const secret = await read(url);

console.log(secret); // 'my-secret-value'

// Second read → throws: note has been destroyed

GitHub →    npm →

Python

Pure Python, stdlib crypto only (cryptography for AES-GCM). Supports Python 3.9+. The synchronous interface keeps scripts simple; no async event loop needed.

pip install voidnote

# Write

from voidnote import create, read

url = create("my-secret-value", max_views=1)

print(url) # https://voidnote.net/note/<token>

# Read

secret = read(url)

print(secret) # "my-secret-value"

GitHub →    PyPI →

Go

Zero external dependencies. Uses only crypto/aes, crypto/cipher, and crypto/sha256 from the standard library. Compiles to a single static binary — no CGO, no shared libraries.

go get github.com/quantum-encoding/voidnote-go

import voidnote "github.com/quantum-encoding/voidnote-go"

// Write

url, err := voidnote.Create("my-secret-value", voidnote.CreateOptions{MaxViews: 1})

// Read

secret, err := voidnote.Read(url)

GitHub →    pkg.go.dev →

AI agent workflows

This is the use case we're most interested in. AI coding assistants — Claude Code, Cursor, Copilot Workspace — run code on your behalf and need secrets to do useful work: deploy keys, API tokens, database credentials. The current answer is usually "paste it into the context window" or "commit it to a private env file." Both are bad.

VoidNote gives you a better primitive: create a single-view note containing the secret, pass the link to the agent. The agent calls read(), uses the value, and the note self-destructs. The secret was never in the conversation, never in the system prompt, never in a log file.

# Developer does this once, in their own terminal

from voidnote import create

note_url = create(deploy_key, max_views=1)

print(f"Use this URL to retrieve the deploy key: {note_url}")

# Paste the URL into the agent's context →

# Agent calls read(url), gets the key, deploys.

# URL is now dead. Key never sat in chat.

CI / CD pipelines

Store the VoidNote URL in your CI environment (not the secret itself). The pipeline reads it once during deploy, the note burns. Even if your CI logs are leaked, there's nothing to extract — the URL is a dead link by then.

# .github/workflows/deploy.yml

- name: Fetch deploy key

  run: |

    SECRET=$(npx voidnote-sdk read ${{ secrets.DEPLOY_KEY_NOTE }})

    ./deploy.sh --key "$SECRET"

# DEPLOY_KEY_NOTE = https://voidnote.net/note/...

# stored in GitHub Secrets (not the key itself)

The CI secret is a VoidNote URL. If it's leaked, the attacker gets a burned link. You rotate by creating a new note and updating one CI variable — no key rotation required.

MCP servers and tool calling

The SDKs are also a clean foundation for a VoidNote MCP server — a tool that AI agents can call directly, without requiring a human to paste a URL into the context. An MCP-equipped agent can create notes (useful for agent-to-agent secret passing) and read them. We'll publish the MCP server as a separate package shortly.

Until then, wrapping read() in a tool definition for your preferred framework takes about ten lines.

Get started

All three SDKs are open source under MIT. The API is a thin wrapper over plain HTTPS — if your language isn't listed, the cryptographic spec is short enough to implement in an afternoon.

Get 5 free notes → GitHub org →