> ## Documentation Index
> Fetch the complete documentation index at: https://docs.shieldhq.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# Creating Secure Links

> Learn how to create encrypted, access-controlled content on SHIELD

# Creating Secure Links

SHIELD allows you to create secure, access-controlled links for files and messages. This guide covers all the options and best practices.

## Content Types

SHIELD supports two types of content:

<Tabs>
  <Tab title="Files">
    Upload any file type: images, documents, videos, archives, etc.

    **Supported formats**: All file types
    **Max size**: Depends on your plan (Free: 30MB, Pro: 1GB)

    Files are encrypted client-side before upload, so file type detection happens locally in your browser.
  </Tab>

  <Tab title="Messages">
    Write text messages directly in the app.

    **Max length**: free: 500 characters, pro: unlimited
    **Formatting**: Plain text only

    Messages are encrypted with the same AES-GCM 256 standard as files.
  </Tab>
</Tabs>

## Access Policy Options

When creating a link, you configure three key parameters:

### Recipient Address

The Ethereum wallet address that is authorized to access your content.

```
Example: 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb
```

<Note>
  The recipient must use the same wallet address when accessing the link. Double-check the address before creating the policy—typos cannot be fixed later.
</Note>

### Expiration Time

Set when the link becomes invalid:

| Option   | Duration     | Use Case              |
| -------- | ------------ | --------------------- |
| 1 hour   | 60 minutes   | Quick shares          |
| 24 hours | 1 day        | Time-sensitive docs   |
| 7 days   | 1 week       | Project collaboration |
| 30 days  | 1 month      | Long-term sharing     |
| Custom   | Any duration | Specific needs        |

<Warning>
  Once a link expires, it cannot be reactivated. The encrypted content remains on IPFS but becomes inaccessible.
</Warning>

### Max Attempts

Limit how many times the content can be accessed:

* **1 attempt**: Maximum security, single use
* **3 attempts**: Recommended for most use cases
* **Unlimited**: Convenient but less secure

Each access requires the recipient to sign an on-chain transaction, creating an immutable audit trail.

## Creating a Link

1. **Select Content Type**
   * Click "Upload File" or "Write Message"
   * Follow the prompts

2. **Configure Policy**
   * Enter recipient wallet address
   * Select expiration
   * Set max attempts

3. **Create**
   * Review your settings
   * Click "Create Secure Link"
   * Sign the transaction in your wallet

4. **Copy the Link**
   <Warning>
     **CRITICAL**: The secure link is only shown once. The decryption key is in the URL fragment (after `#`). Copy the entire link immediately.
   </Warning>

## Link Format

A SHIELD secure link looks like:

```
https://app.shieldhq.xyz/r/{policyId}#{secretKey}
```

| Component   | Description                                       |
| ----------- | ------------------------------------------------- |
| `policyId`  | Unique identifier for your access policy (public) |
| `secretKey` | Decryption key (private, never leaves browser)    |

## Best Practices

<AccordionGroup>
  <Accordion title="Verify the recipient address">
    Always double-check the wallet address. One wrong character means the wrong person (or no one) can access your content.
  </Accordion>

  <Accordion title="Set reasonable expiration">
    Don't set links to expire too soon. Give recipients enough time to access the content, especially considering time zones.
  </Accordion>

  <Accordion title="Limit attempts appropriately">
    3 attempts is usually sufficient. The recipient can view the content multiple times within each attempt.
  </Accordion>

  <Accordion title="Share the link securely">
    Send the link through a different channel than you used to communicate the existence of the content. This provides defense in depth.
  </Accordion>

  <Accordion title="Keep your own copy">
    SHIELD doesn't store your unencrypted content. Keep a backup of important files.
  </Accordion>
</AccordionGroup>
