FAQ
Is YeetFile open source?
Yes, the source for YeetFile is AGPL licensed and available on GitHub and SourceHut.
Why is YeetFile a beta release currently?
The current "beta" version of YeetFile is meant to convey that the service is in a state of refinement. As people begin using the service more and providing feedback and/or suggestions, some features may undergo additional work to make them more accessible or user friendly.
Why does YeetFile charge for upgrades if it's open source? Can I run my own instance for free?
While the code itself is free and open source, there are plenty of operating costs (server fees, storage fees, ingress/egress fees, and so on) associated with running a reliable public instance. The pricing of each tier was intended to be overall less than or equal to the cost of the average VPS (which is a small part of the full cost when self-hosting a storage and ingress/egress heavy app).
That said, you're welcome and encouraged to run your own instance of YeetFile if you're interested. YeetFile was designed to be very easy to run on your own, and can be run by anyone that has even a little knowledge of Docker.
Can I pay for account upgrades using crypto?
Yes, there's a BTCPay server set up for YeetFile that can accept Bitcoin and Monero payments.
BTCPay transactions can sometimes take longer for the payment to settle, generally no more than 10-15 minutes. You should receive an email when your payment has settled, and your YeetFile account will be updated.
Where are my files stored?
If you're using yeetfile.com, your files (which are encrypted on your machine before getting sent to the server) are stored in a private Backblaze B2 bucket (which also has its own layer of encryption enabled). File names are encrypted and Backblaze has no way of associating files with YeetFile users.
Unofficial instances can be configured to store files in Backblaze as well, or locally on the server.
Should I use the web or the command line interface (CLI) to access YeetFile?
You should use whichever client you're more comfortable with. The source code for both is available to view, and they operate identically.
There's a security advantage to using a compiled app (the CLI) to access YeetFile since you don't need to trust JavaScript sent by the server to use the service, but this really depends on your threat model and tolerance.
Is JavaScript required to use the web interface?
Yes, JavaScript is required for file reading/writing as well as all cryptography.
If you do not want to (or can't) use JavaScript in your browser, please use the YeetFile command line application instead. All features -- with the exception of purchasing upgrades, which is handled by Stripe or BTCPay -- are accessible from the command line.
What happens when I change my password? Shouldn't my files all be inaccessible?
When you change your password, your "User Key" is recreated with the new password. The new User Key is then used to encrypt your Private Key (which is initially decrypted by your previous User Key). This newly encrypted Private Key is then sent to the server. The Private Key contents stay the same, so encrypted file/folder content can still be accessed using your private key.
Should I sign up with my email or should I just sign up with an account ID?
Whichever you find more convenient. With an email associated with your account, you can recover your account if you set up a password hint and lose access to your password. Signing up with an account ID only means if you lose your account ID, you lose access to your account permanently.
Can I delete my account?
Yes, from the Account view (on web, under "Advanced") you can choose to delete your account. This will purge any stored files. Any files uploaded via YeetFile Send will still be accessible until their expiration (max number of downloads or time limit) have been reached.
What emails are sent by YeetFile?
YeetFile will send emails in the following scenarios:
- Account verificataion
- Purchase confirmation
- Password hint request (if applicable)
- Upgrade expiration reminder (1 week prior)
If you don't have an email registered with YeetFile, you will obviously not receive these emails.
Where can I read about YeetFile's security?
You can read about YeetFile's security on the security page.
Why should I trust YeetFile with my files?
YeetFile is designed to require as little trust as possible, since the server cannot decrypt file names or content. Everything is encrypted and decrypted using keys that are themselves encrypted and decrypted using a unique user-specific key that is never sent to the server.
On top of that, it's entirely possible to use YeetFile without ever providing any personally identifiable information. You can create an account without providing an email address, and recycle your payment ID if you purchase an upgrade (therefore removing the possibility of tracing billing details to your account).
That being said, if you truly want to make sure that the system is working as it should (i.e. encrypting files locally before upload, not sending data anywhere else, etc.) you can verify and build the source code for the command line application and use that to upload/download files.
Who made YeetFile?
YeetFile was developed by Ben Busby, the developer of other open source privacy focused software such as Whoogle Search and Farside.
YeetFile was released under Ben Busby's open source software collective, meddlehead.