
Set up your encryption mailbox and sync keys

Recipient keys, cross-device sync, recovery
Workflow

Publish a recipient public key so others can seal pastes to your account, then sync the matching private key across your devices through an end-to-end encrypted keybag — no manual key transport.

When to use it

Use this when

  • You want people, or your own tools, to address encrypted pastes to your account.
  • You read encrypted-to-you pastes on more than one browser or machine and do not want to hand-copy private keys.
  • You want a recoverable, server-mediated way to bring your keys to a new device without trusting the server with plaintext.
Steps

Do this

  1. Publish your recipient key. Open Account → Recipient key, set a local private-key passphrase, then choose “Publish new key.” This generates an X25519 keypair: the public key is published so others can seal pastes to you, and the private key is encrypted with your passphrase and kept in this browser.
  2. Enable cross-device sync. Under “Cross-device sync,” choose “Enable sync.” Your private key is wrapped into an end-to-end encrypted keybag and uploaded — the server only ever stores ciphertext. You are shown a one-time recovery code. Save it now; it is shown only once.
  3. Optionally allow a passphrase unlock. Turn on “Also allow unlocking with a passphrase” and set an unlock passphrase if you want a memorable fallback. A passphrase is more convenient but less private than a recovery code alone.
  4. Link a new device. On the other browser or machine, sign in and open Account → Cross-device sync → “Unlock keys on this device.” Enter your recovery code (or unlock passphrase). Your recipient keys are decrypted locally and cached on that device — no plaintext key ever crosses the network.
  5. Save the refreshed recovery code. Recovery codes are one-time: after you unlock with one, the spent code is retired and a fresh code is minted and shown. Save the new code — the previous one no longer works.
  6. Add a passkey per device. After unlocking on a device, choose “Add this passkey” to register that device’s passkey (WebAuthn PRF) as an unlock method. Next time you can unlock with the passkey instead of typing a code. Passkey unlock is per-device.
  7. Rotate or revoke when needed. “Rotate keys” issues a fresh recipient keypair and re-keys the keybag; old private keys are retained so previously sealed pastes still decrypt. Rotation resets your unlock methods — you get a new recovery code and must re-add passkeys on each device. “Remove key” unpublishes your recipient key.
Examples

Copyable commands

Someone seals a paste to you (CLI)
    pbca new --to-recipient @you --file handoff.txt --expires 7d

Read your encrypted inbox
    pbca inbox          # CLI
    # or open https://pastebin.ca/account/inbox in the browser

Look up your published key (MCP)
    lookup_recipient_public_key({ "recipient": "@you" })
Operational notes

Keep in mind

  • The server never sees your recipient private key or your recovery code. It stores only your public key and the encrypted keybag (ciphertext).
  • Your recovery code changes every time you use it. Always save the new code shown after an unlock; the previous one is retired so an observed code cannot open the keybag twice.
  • A recovery code or unlock passphrase is the only way to reach your keys on a brand-new device. If you lose every unlock method, encrypted-to-you pastes that need the current key cannot be recovered.
  • Passkey unlock is per-device: a passkey added on one device does not unlock the others. Add a passkey on each device you use, or keep your recovery code handy.
  • Rotating keys keeps old private keys so historical inbox pastes still open, but contacts who cached your old public key should look up your new key for future sends.