Conectar

The file transfer app that minds its own business.

Peeza provides an easy way to send files from one computer to another across operating systems. Data transits securely from one computer to another using the fastest route with as much bandwidth it can find. No copy in the cloud.

Authentication

Peeza uses social login (e.g., Google, Apple) for secure authentication. We do not store, access, or share any personal information beyond your public username provided by the social service. No passwords or additional personal data are collected or retained.

Transfers

Peeza uses the open-source Syncthing protocol to transfer files directly from one computer to another—without storing anything on cloud servers. All transfers occur over TLS 1.3 encrypted connections, which protect against eavesdropping, tampering, and impersonation. Each device is cryptographically authenticated, and all communication is fully encrypted end to end.

To optimize speed and efficiency, Peeza relies on Syncthing’s block exchange mechanism. Instead of sending entire files, files are split into fixed-size blocks, each identified by a cryptographic hash. Only blocks that are missing or outdated on the receiving device are transferred, reducing bandwidth usage and ensuring data integrity.

1. TLS 1.3

Syncthing is written in Go (Golang) and uses Go’s native crypto/tls package, which provides a full TLS 1.3 implementation as of Go 1.13+. This means it benefits from a battle-tested, standard-compliant TLS stack without relying on OpenSSL or other C libraries.

2. Mutual Authentication

Unlike many TLS implementations that only verify the server, Syncthing performs mutual TLS authentication:

  • Each device has a unique X.509 certificate, self-signed and generated upon first startup.
  • During a connection handshake, both peers verify each other’s certificates to ensure the identity of the connecting device.

3. Certificate Fingerprints

Each device has a static certificate (typically stored in cert.pem and key.pem). The SHA-256 hash of this certificate’s public key (the “Device ID”) is what identifies the device in the Syncthing network.

This means:

  • Only explicitly trusted devices (whose fingerprints match) can connect.
  • You can think of this as a built-in whitelist based on certificate fingerprints.

4. Connection Flow

  • A device wants to connect to another device.
  • The TLS 1.3 handshake occurs, with both sides presenting certificates.
  • If the certificates are valid and match known device IDs, the connection is allowed.
  • From that point, all data is encrypted using TLS 1.3.

5. No CA or PKI

Syncthing doesn’t use a certificate authority (CA) or public PKI:

  • All certs are self-signed.
  • Trust is based on manually exchanging Device IDs.

6. Security Benefits

  • Perfect Forward Secrecy (PFS) is guaranteed by TLS 1.3 by default.
  • Strong cipher suites only (no downgrade attacks possible).
  • No user credentials or passwords are sent over the wire.

Temporary transfer data

Peeza uses direct, peer-to-peer (P2P) connections — your files never pass through or are stored on any cloud servers.

All file transfers occur exclusively between sender and recipient devices, encrypted end-to-end. We do not store, view, or process the contents of your files at any point. Temporary data related to a transfer is only stored locally on your device and is automatically removed after the transfer is complete or discarded.

Minimal Logging

In accordance with Canadian privacy regulations (PIPEDA), we maintain only the minimal technical logs necessary to operate our service securely and responsibly. These logs may include basic metadata such as connection timestamps and anonymized device identifiers.

We do not store file contents, user activity, or any personally identifiable information beyond what is required for secure authentication (e.g., your social login username). Logs are kept only for a limited time and solely for the purpose of system maintenance, abuse prevention, or responding to legally valid requests from Canadian authorities.

We are committed to protecting your privacy and ensuring that all data handling practices are transparent, proportionate, and compliant with Canadian law.

peeza
Powered by  GDPR Cookie Compliance
Resumen de privacidad

Esta web utiliza cookies para que podamos ofrecerte la mejor experiencia de usuario posible. La información de las cookies se almacena en tu navegador y realiza funciones tales como reconocerte cuando vuelves a nuestra web o ayudar a nuestro equipo a comprender qué secciones de la web encuentras más interesantes y útiles.