"If they can't see the data, they can't lock the data."
OVERSIGHT is a zero-knowledge, ephemeral data encapsulation engine. It allows users to hide any file (PDF, binary, text) inside a standard, lossless PNG image using a high-contrast steganographic protocol.
The server acts as a blind mule—storing encrypted pixels in RAM and burning them the microsecond they are retrieved.
- Frontend: React + Tailwind CSS (Vite)
- Engine: Custom Steganography Logic (HTML5 Canvas API)
- Backend: Golang (Gin Framework)
- Memory: Redis (Volatile In-Memory Storage)
- Encryption: AES-256 (Crypto-JS)
- Compression: Zlib (fflate)
Unlike standard uploaders that trigger Deep Packet Inspection (DPI) by showing file headers (like %PDF), OVERSIGHT wraps your data in a PNG bitstream. To a network admin, you're just sharing a noisy image.
Decryption keys are generated client-side and appended as a URL Hash (#). Since browsers do not transmit fragments to the server, OVERSIGHT never sees your keys or your raw data.
To combat browser-side color-profile drift (sRGB/P3), OVERSIGHT uses a binary contrast mode (0 vs 255). This ensures 100% data integrity even if the browser attempts to "optimize" pixel values.
Data is stored in Redis with a strict TTL. We utilize an atomic "Get-then-Delete" workflow: the moment a download starts, the key is purged from RAM. No persistence, no forensic trail.
- Compress: File bytes are Zlib-compressed to minimize the carrier footprint.
- Encrypt: Compressed blob is encrypted with AES-256.
- Encapsulate: Encrypted string is injected into the Red/Green/Blue channels of a Canvas.
- Drop: The "Heavy PNG" is POSTed to the Go backend.
- Vanish: Receiver fetches the image, triggers the Redis purge, and reconstructs the file in-browser.
This tool is built for privacy-conscious data transfer. Use it responsibly. If you forget the link or the hash key, the data is lost to the void. There is no recovery.
Priyanshu Kumar Singh BCA Student | Full-Stack Dev | Privacy Enthusiast