All products
Encrypted P2P File Transfer
Coming Soon

Privatta

Send sensitive files without routing them through someone else's cloud.

Direct machine-to-machine encrypted file transfer over libp2p and the Noise Protocol. No third-party relay, no cloud storage, no account required. Per-file access control, hardware-bound machine identity, and a tamper-evident audit trail — works on LAN, internet, or fully air-gapped.

Schedule a discovery callView pricing
P2P
Direct route, no relay
Noise
Protocol Framework
4 OS
Win / Mac / Linux / Android
0
Third-party servers
ED25519 IDENTITYNOISE PROTOCOLP2P DIRECT TRANSFERNO RELAY SERVERLAN + INTERNETFILE ACCESS CONTROLAUDIT TRAILX25519 CIPHERED25519 IDENTITYNOISE PROTOCOLP2P DIRECT TRANSFERNO RELAY SERVERLAN + INTERNETFILE ACCESS CONTROLAUDIT TRAILX25519 CIPHER

Available on

  • Windows
    10 / 11 / Server
  • macOS
    12 Monterey+
  • Linux
    Debian / RPM / AppImage
  • Android
    10+
Core capabilities

What it does.

01
Direct peer-to-peer

Files take exactly one network hop — sender to recipient.

libp2p establishes a direct encrypted connection between machines over LAN or internet. No relay server, no cloud storage, no third party in the data path. If both endpoints can route to each other, the transfer happens directly. The business outcome: your sensitive files don't accumulate in a vendor's S3 bucket waiting to be breached.

  • Encrypted transport via the Noise Protocol Framework
  • Works over LAN, internet, or both
  • Direct connection — no relay, no cache, no fallback
  • Transfer speed limited only by the slowest endpoint
  • Circuit Relay v2 + autoNAT handle double-NAT and CGNAT
01
02
Cryptographic identity

Every machine has a hardware-bound Ed25519 Peer ID.

Machine identities are issued cryptographically and bound to hardware fingerprints (SHA256 of hostname + platform + CPU model + RAM). Connections only complete after three-factor verification: username, password, and a valid Peer ID. Leaked credentials from one machine cannot be used to connect from another — a substantial uplift over password-only systems.

  • Ed25519 public-key identity per machine
  • Three-factor authentication: user + password + Peer ID
  • Hardware fingerprint bound to license
  • Forward-secrecy via per-session ephemeral X25519 keys
  • Identities can be revoked centrally; trusted-peer whitelist
02
03
Per-file access control

Authorize files individually. Audit every transfer.

Each file transfer can carry its own access policy: who can receive it, who can forward it, who can re-share. A tamper-evident audit log records every successful transfer, every denied attempt, and every policy violation across the fleet. Useful when audit-readiness isn't a nice-to-have — it's a tender requirement.

  • Per-file recipient and forwarding policies
  • Tamper-evident audit log (Merkle-chain backed)
  • Real-time policy violation alerts
  • Exportable compliance reports (CSV / PDF / JSON)
  • Automatic peer banning on repeated failed auth
03
04
Air-gap capable

Native LAN-only mode for restricted networks.

Native local peer discovery establishes direct machine links without any internet connection or external infrastructure. Required for classified workstreams, regulated environments, and any network where outbound DNS resolution isn't allowed. Trusted-network CIDR support means you can pre-authorise Tailscale, Hamachi or custom VPN ranges.

  • Local peer discovery without DNS or rendezvous
  • Works on fully air-gapped LANs
  • No outbound network calls of any kind
  • Trusted CIDR ranges for Tailscale / Hamachi / custom VPNs
  • Used by government, defense, critical infrastructure
04
alpha-01
beta-02
delta-03
gamma-04
eta-05
zeta-06
More capabilities

Everything else it does.

No account required

There is no Royal Softworks account, no sign-up flow, no central registry. Your license activates the machine and authentication is local to your fleet.

Streaming transfers

Files are streamed in chunks; you can pause and resume, and large transfers don't require staging space on either end.

Live transfer monitor

Watch active transfers in real time: progress, throughput, encryption status, route — surfaced cleanly in the desktop UI.

Forward-secrecy by default

Each session uses a fresh ephemeral key. Past transfers remain confidential even if a long-term key is later compromised.

Policy templates

Common policies (internal-only, contractor-shareable, board-only) are templated and reusable. Easy for admins, predictable for users.

Cross-platform sync handoff

Start a transfer from desktop, finish on mobile. Five OS support means files can move across any device your team actually uses.

Licensing

Starting at $178 per seat.

  • Per-seat licensing, machine-bound
  • Volume discounts above 25 seats
  • Air-gapped activation for restricted networks
  • Win / Mac / Linux / Android included
$178 / seat
See full pricing
Also in the suite

AssistantGeneral

Your organisation's knowledge, at every employee's fingertips.

View product

OfficeBrief

Find any internal document in under a second.

View product

DuplicateDuster

Eliminate duplicate files with 99.2% accuracy.

View product
Frequently asked

Questions we hear often.

No. Privatta transfers files directly between machines using peer-to-peer technology. There is no central server, no cloud storage, and no relay that handles your files.

Talk to the team that actually builds the software.

Pilot deployments, volume licensing, product demos, security questionnaires — all handled by engineers and product leads, not a routing layer. We respond within one business day.

Schedule a discovery call
Half-hour walkthrough with someone who built the product — no sales script.
Run a pilot deployment
Full-feature evaluation with guided install, configured for your environment.
Email us directly
sales@royalsoftworks.com — we respond within one business day.
sales@royalsoftworks.comoffice@royalsoftworks.com

Send us a message

Leave your details and we'll follow up within one business day.