One app. Three ways to reach someone.
On your office network
On a shared network, Privatta spots the other computers running it automatically. Transfers are instant and never touch the internet.
mDNS discovery plus an active network scan. No router config, no port forwarding.
From drag-and-drop to delivered file.
What actually happens between adding a file and it landing on the other machine.
- 01
Add the file
Drop a file into Privatta and choose who can see it: public on the LAN, a named user, or a group. Bundle related files into a virtual folder to share one policy.
- 02
Discover the other machine
On a shared network, mDNS and an active scan find other Privatta installs automatically. Over the internet, a Kademlia DHT locates the right peer by its Ed25519 Peer ID.
- 03
Open an encrypted channel
libp2p negotiates a Noise Protocol handshake: an X25519 key exchange establishes a session key, and an Ed25519 signature verifies the peer's identity before anything else happens.
- 04
Pass three checks
The connecting machine must present a valid username and password, and come from a machine whose identity (Peer ID over the internet, MAC address on the LAN) is already whitelisted. Any failure seals the connection — permanently, on a P2P handshake failure.
- 05
Transfer directly
Once authenticated, the file streams straight from sender to recipient over the encrypted channel, with live progress. No intermediate server holds a copy at any point.
- 06
Log it locally
The attempt — allowed or denied, by whom, from where, for which file — is written to a local, tamper-evident access log. Passwords are never recorded.
See exactly what's checked at the door.
Encryption, identity and the audit trail — the full security model in one place.