Portable ZME1 CLI .ztz decrypt Password + pattern image No server token

Portable mode: encrypt here, decrypt anywhere.

This tool runs in your browser. It creates ZME1 containers and can also decrypt ZeroThink CLI .ztz files made with Agent Zero crypto commands. The plaintext file, password, and pattern/Z-Pepper are not uploaded.

Encrypt a file

Create a portable ZME1 container from one local file.

File to encrypt Pattern image

Use an image you can keep safely. The exact file is part of the key.

Password

Decrypt a container

Restore a file from a Portable ZME1 container.

ZME1 container Pattern image Password

Decrypt ZeroThink CLI .ztz

Open files encrypted by zerothink crypto encrypt or folder bundles made by zerothink crypto pack.

ZeroThink CLI .ztz file File passphrase Z-Pepper pattern

This is the CLI Z-Pepper text/pattern, not the ZME1 pattern image. Folder bundles decrypt as a ZIP download.

Ready. Choose ZME1 inputs, or choose a ZeroThink CLI .ztz file with its passphrase and optional Z-Pepper.

What is protected?

The file bytes are encrypted with AES-GCM-256. The password and pattern image are mixed into a derived key using PBKDF2, SHA-256, and HKDF.

What must you keep?

Keep the ZME1 file, the exact pattern image, and the password. Losing either secret means the file cannot be recovered.

CLI compatibility

ZeroThink CLI .ztz decrypt uses the same Z-Pepper envelope as Agent Zero: PBKDF2-HMAC-SHA256, an authenticated HMAC stream, and checksum verification before download.

Security note

Use this page over HTTPS and keep it updated. For highly sensitive files, decrypt offline with the ZeroThink CLI on a trusted machine and keep passphrases out of screenshots or chat logs.