finds.dev← search

// the find

jesseduffield/horcrux

★ 5,074 · Go · MIT · updated Aug 2024

Split your file into encrypted fragments so that you don't need to remember a passcode

horcrux splits a file into N encrypted fragments using Shamir Secret Sharing, requiring only a configurable threshold of fragments to reconstruct it. You scatter the fragments across different locations or media; no password needed at recovery time — the key is baked into the shares. From the lazygit/lazydocker author, so it's polished for a small tool.

Uses Hashicorp's battle-tested Shamir implementation rather than rolling its own crypto. The threshold scheme is genuinely useful — you can lose some fragments and still recover. Dead simple CLI: two commands, no config files, no runtime dependencies. Homebrew and Scoop packaging means installation is frictionless on the platforms where you'd actually use this.

No data integrity verification — the README explicitly calls this out as an open issue (#4); a corrupted fragment can silently produce garbage output. Binding requires all fragments in the same directory with matching filenames, which is fragile if you've renamed or reorganized anything. The 'no password needed' pitch is also a security tradeoff, not a pure win: whoever physically has threshold fragments can recover the file with zero resistance. Last meaningful commit was 2024, and the issue tracker has open questions about edge cases the author doesn't have time to address.

View on GitHub →

// want more like this?

We dig through GitHub every week and send a few repos picked for what you actually care about — each with an honest take like this one.

Get finds in your inbox → Search again →