Encrypted file sharing where access is enforced via FHE (Fully Homomorphic Encryption). Nobody can see who has access to what. Documents live on Filecoin via Storacha.
Securely sharing files today means trusting a vendor with your data. Whether it's a data room for a deal ($3-4B TAM, led by Intralinks and Datasite at $15-50k+ per deal), confidential project files, or anything you want to share privately, you're relying on trust assumptions of the vendors and members that operate these platforms.
ZDrive replaces vendor trust with math.
ZDrive uses Zama FHE for on-chain encrypted access control and Storacha for decentralized storage. No intermediary can read your files or see who has access, and the audit log is clean and verifiable.
Can be used for simple sharing documents to confidential fundraising data rooms, M&A due diligence, investor updates.
- Create a folder: FHE-encrypted folder keys generated on-chain
- Upload documents: encrypted client-side with AES-256-GCM derived from the folder key, stored on Filecoin via Storacha, encrypted CID recorded on-chain
- Grant access to collaborator addresses: lets them decrypt locally.
- Collaborator connects wallet: decrypts FHE folder key, derives AES key, downloads and decrypts documents.
For the full encryption flow, key hierarchy, and contract interface, see Technical Architecture.
| Layer | Technology |
|---|---|
| Smart Contracts | Solidity 0.8.24, Forge, Zama FHE |
| Document Storage | Storacha (Filecoin/IPFS) |
| Frontend | React 19, Vite, TypeScript, Tailwind CSS 4 |
| Wallet | RainbowKit, wagmi, viem |
| Network | Ethereum (Zama) / Anvil (local) |
- Technical Architecture: encryption flow, key hierarchy, storage model, privacy guarantees
- Feature Set: planned and shipped features
- Architecture Decision Records: technical decisions and trade-offs
| Tool | Version | Install |
|---|---|---|
| Foundry | latest | curl -L https://foundry.paradigm.xyz | bash && foundryup |
| Node.js | 22+ | brew install node or nvm |
| Yarn | 1.x | npm install -g yarn |
Copy the example and fill in the values:
cp dapp/.env.example dapp/.env
git submodule update --init --recursive
cd contracts
yarn install
forge build
forge test
cd dapp
yarn install
yarn dev:stack # deploys contracts too
This runs:
- Anvil: local Ethereum node on
localhost:8545(chain ID 31337) - Forge: deploys
MockEncryptedDataRoomusing the default Anvil private key - TypeChain: pulls ABIs from the build artifacts and generates typed bindings
- Vite: starts the dapp dev server
If it's too much effort to setup Storacha ask for keys from: petros@obolos.io
The dapp encrypts files client-side and uploads them to Filecoin via Storacha.
Make an agent key and a delegation proof:
# 1. Install the CLI
npm i -g @storacha/cli
# 2. Login. CONFIRM email link
npx @storacha/cli login your@email.com
# 3. Create a space (or use an existing with `npx @storacha/cli space ls`)
npx @storacha/cli space create my-zdrive
# 4. Generate an agent key. prints a DID and a private key
npx @storacha/cli key create
# copy the private key (MgC…) as VITE_STORACHA_KEY
# 5. Delegate upload capabilities to the agent key
npx @storacha/cli delegation create <did:key:from-step-4> \
--can store/add --can upload/add --can filecoin/offer \
--can space/blob/add --can space/index/add \
--base64
# copy the base64 string as VITE_STORACHA_PROOF
Then set both values in dapp/.env:
VITE_STORACHA_KEY=MgC…
VITE_STORACHA_PROOF=mAY…
VITE_CHAIN_ID=31337 # anvil, 11155111 = Sepolia
VITE_RPC_URL=http://127.0.0.1:8545
MIT