Encrypted · Anonymous · Forever

The backup
that doesn’t
know your name.

Restic-encrypted on your device, routed through Tor, settled in Monero. Your client certificate is your only identity — and we never know what it stands for.

Download client Read the protocol

Encrypted on your device

Files are encrypted before they leave you. We hold ciphertext only — we couldn’t read it for you if we tried.

Routed via Tor

Three-hop onion transport. We never learn your IP, you never learn ours.

Paid in Monero

Subaddress per client. No card. No exchange step. The chain forgets who paid.

Zero PII collected

No name, no email, no IP, no device, no analytics. Logs hold 8 chars of cert hash.

How it works

Generate a certificate

The client mints an X.509 cert on first run. That file is your account — mTLS only, no password, no recovery. Back it up somewhere safe.

Top up in Monero

Send Monero to the printed subaddress. Pay-as-you-go — balance burns down by the second, no plan, no subscription, no lock-in.

Back up & forget

Schedule privatearchive backup. Encrypted blobs flow over Tor. Where the ciphertext rests doesn’t matter — only your key opens it.

Pick a binary.

Static, reproducible, open-source. SHA256 sums published. Audit the source — it’s all there.

macOSApple Silicon · .dmg macOSIntel · .dmg Linuxamd64 · .tar.gz Linuxarm64 · .tar.gz Windowsamd64 · .zip Sourceaudit the encryption yourself VerifySHA256SUMS

The backupthat doesn’tknow your name.