Updated 2026-07-11
On Pro and Team plans you can share individual items with other TimeLock users.
How sharing stays zero-knowledge
Every user has a public/private key pair; the private key is protected by their master password. When you share an item:
- Your device decrypts the item's key (you must be able to open the item to share it).
- Your device seals that key to the recipient's public key.
- The server stores and relays the sealed box — which it cannot open.
The recipient's device unseals the key with their private key and can then decrypt the item. At no point does the server hold a usable decryption key.
Schedules still apply
If a shared item is time-locked, the schedule binds every recipient too — the server-held wrap layer is only removed during the window, no matter whose client asks.
Revoking
Unsharing removes the recipient's sealed key. Remember the honest caveat: anything the recipient already opened during a window may have been copied — revocation controls future access, not memory.