Small Grant: DecentraTransfer - A Privacy-Preserving File Sharing Service

Introduction

Project Name: DecentraTransfer

Submitting Individual: Seifeddine Seghaier

I am an independent developer with expertise in React, Node.js, and Python, specifically focused on privacy, encryption, and decentralized data handling. DecentraTransfer will be my first project built on the Sia ecosystem, utilizing my background in IT development to create a robust, user-centric utility.

Project Overview

DecentraTransfer is a self-hostable web application for sharing files. It mirrors the convenience of services like WeTransfer but replaces centralized company servers with the Sia network.

The workflow is simple: a user drops a file into the browser, the file is encrypted locally on their device, and it is then uploaded to Sia via the official Storage SDK. The user receives a share link containing the decryption key in the URL fragment. Access can be time-limited using native SDK expirations or further secured with a password-derived key layer.

The MVP will include:

• File uploads and pinning via the Sia Storage SDK Python.

• Zero-Knowledge Encryption: AES-256-GCM in-browser encryption.

• Client-Side Key Management: Decryption keys reside in the URL fragment, ensuring they are never sent to the server.

• Performance Optimization: Use of Web Workers to handle cryptographic operations without freezing the UI.

• Password Protection: Optional PBKDF2-derived key layering.

• Self-Hosting Suite: A Docker-ready FastAPI backend for single-operator deployment.

Mission Alignment

Most file-sharing services require users to trust a central provider with their data. DecentraTransfer eliminates this requirement by ensuring the server operator never sees the plaintext or the keys. This architecture perfectly aligns with the Foundation’s mission of user-owned data. By combining browser-level encryption with Sia’s decentralized storage, DecentraTransfer ensures that even if an instance is compromised, the user’s data remains private and accessible only to those with the link.

Why This Fits the indexd Direction

DecentraTransfer is built directly on the new Sia Storage SDK, following the officially supported integration path. It offers a distinct deployment model compared to existing tools: it is designed for an operator to run their own private instance. Furthermore, it introduces a unique password-protection layer not found in similar client-side-only proposals, providing a meaningful difference for high-security use cases.

Grant Specifics

Total requested funding: $7,200 USD

Timeline: 3 Months.

High-Level Architecture

1. Client Layer: A React interface that handles local encryption via Web Workers. This offloads heavy math from the main thread, keeping the UI at 60 FPS.

2. Application Layer: A FastAPI backend that orchestrates Sia SDK calls (upload, pin_object, share_object). It handles metadata but never the decryption keys.

3. Storage Layer: The Sia network, providing erasure-coded storage across independent providers.

Security Practices

• URL Fragment Protection: Decryption keys are placed in the URL hash (#), which browsers never transmit in HTTP requests.

• Double Layer Encryption: Data is encrypted in the browser (AES-256-GCM) before being further encrypted and sharded by the Sia SDK.

• Password Layering: Optional password-derived key (PBKDF2) wraps the file key for multi-factor link security.

• Secure Onboarding: Follows official SDK approval flows; the recovery phrase is never stored by the application.

Potential Risks

• Resource Constraints: Large file processing will be managed through Web Workers and chunked processing to prevent browser memory exhaustion.

Development Information

• Open Source: Yes, MIT License.

• Repository: https://github.com/Seghaier-dev/DecentraTransfer

• Reports: I agree to submit monthly progress reports.

Contact Information

• Email: [email protected]

• GitHub: Seghaier-dev

• Sia Forum: @Seghaier-Seifeddine

Hi @Seghaier-Seifeddine - thank you for your proposal. Please detail who the intended user is for your project and what your plans for this project are following the grant. And how you plan to mitigate the potential risk listed.

In order for this proposal to be reviewed by the Committee at next week’s meeting, the above edits will be needed by this Wed. April 22 by 5pm ET.

Hi @mecsbecs

Thank you for your feedback!

After the grant period, DecentraTransfer will evolve into a broader ecosystem built around the core open-source file transfer engine developed during this grant.

The grant-funded deliverable focuses on the core decentralized file transfer implementation using the Sia Storage SDK, which serves as the foundational layer.

Post-Phase Project Roadmap

1. Open-source core maintenance

• Maintain and improve the self-hostable version.
• Ensure compatibility with future Sia SDK updates.
• Keep the core tool lightweight and developer-friendly.

2. Mobile application (extension layer)

• Develop a mobile client (iOS/Android) that connects to self-hosted or public instances.
• Enable secure file sharing on-the-go with the same zero-knowledge architecture.
• Focus on usability for non-technical users while preserving encryption guarantees.

3. Hosted platform (optional SaaS layer)

• Launch an official hosted instance of DecentraTransfer.
• Provide premium features for teams (access control, expiration policies, branding, audit logs).
• This will remain fully compatible with the open-source version.

4. Ecosystem expansion

• CLI tool for developers.
• API-first integration layer for embedding into other applications.
• Potential plugin system for SaaS and enterprise adoption.

The Long-Term Vision: To transform DecentraTransfer from a single application into a multi-interface decentralized file transfer ecosystem powered by Sia storage, with consistent security guarantees across web, mobile, and API layers.

Risk Mitigation (Browser Memory / Large Files)

To handle large file constraints, the following technical strategies will be implemented:

• Chunked Upload Pipeline: Files will be split into smaller chunks before encryption and upload, preventing memory spikes.
• Streaming-based Processing: Instead of loading full files into memory, streams will be used wherever possible (File API + Streams API).
• Web Worker Offloading: All encryption and chunk processing will run in Web Workers to isolate CPU-heavy operations from the main thread.
• Progressive Upload Strategy: Chunks will be encrypted and uploaded sequentially, allowing constant memory usage regardless of file size.
• Fallback Mechanism: For extremely large files, the system will optionally support server-assisted chunk orchestration (without ever exposing plaintext or keys).

These measures ensure stable performance even on low-resource devices.

Thanks for the clarification above, but one component is still outstanding:

Hi @mecsbecs

The intended users are:

• Everyday users who want a simple and secure way to share files
• Developers who want to self-host their own file-sharing instance
• Freelancers and small teams who need to share files securely with clients
• Privacy-conscious users who don’t want their data stored on centralized servers
• Organizations that want to run their own private file-sharing gateway

Thanks for your proposal to The Sia Foundation Grants Program.

After review, the Committee has decided to reject your proposal citing the following reasons:

• There are technical concerns with the proposal: a) outlining encrypting data that is already encrypted, and b) the project architecture middle-mans your user’s data, which using the Sia SDKs is meant to avoid.

We’ll be moving this to the Rejected section of the Forum. Thanks again for your proposal, and you’re always welcome to submit new requests if you feel you can address the Committee’s concerns.