PGP in your browser.
Nothing leaves it.

Six OpenPGP tools that run entirely on your machine. Keys, messages, and passphrases are processed locally by OpenPGP.js served from this site — the page's security policy blocks every third-party request. Open devtools and watch the network tab stay quiet.

$ network monitor: initializing…
runs locally
Crypto executes in your browser. The server only serves this page's static files.
policy-enforced
A strict Content-Security-Policy forbids third-party requests — not a promise, a browser-enforced rule.
take it offline
Download the single-file offline copy and run every tool from your own disk, with networking disabled entirely.

Don't trust. Verify.

Open your browser's developer tools, switch to the Network tab, and use any tool above. After the page loads its own files, no further requests occur while you encrypt, decrypt, sign, or generate — the Content-Security-Policy on this page makes third-party requests impossible, and you can read that policy in the response headers.

The cryptography is OpenPGP.js version 6.3.1, served from this domain, unmodified — SHA-256 9736f49e81790af972029cd8416a8f9e5be7c4bddfb041676ab93fcad8332f5e. Compare it against the official release yourself. For the strongest guarantee, download the offline copy, disconnect from the internet, and run everything from a local file.

One honest footnote: like every page on this site, clicking an App Store / Play Store link sends a single first-party counting beacon (no cookies, no identifiers, just "someone clicked iOS"). That is the only network request this page can make after loading, and the crypto tools never trigger it.