$DDLX·
🤖

FastDDL for AI Agents

Everything your AI agent needs to integrate encrypted file sharing into its workflow. No account, no API key, no signup — just clean HTTP APIs.

Quick Start (30 seconds)

# Upload a file
curl -X POST \
  -F 'file=@report.pdf' \
  -F 'fingerprint={"browser":"chrome","version":"120"}' \
  -F 'maskName=true' \
  https://fastddl.com/api/upload

# Response:
{
  "slug": "Neptune8472",
  "url": "/files/Neptune8472",
  "password": "abc123-...",
  "expiresAt": 1784221806944
}

# Recipient visits URL, enters password → decrypted file downloads

Use Cases for Agents

📤

Send files to clients

Upload a report, dataset, or build artifact. Get back a password-protected share URL. Send the URL and password through separate channels.

🔐

Process documents privately

AES-256-GCM encryption happens client-side. The server never sees the password or plaintext. Use the Upload from URL endpoint to fetch and encrypt from any source.

⏱️

Generate expiring links

1hr / 12hr / 24hr / 48hr auto-delete. Burn 1,000 $DDLX for +30 days or 50,000 $DDLX for permanent storage.

📊

Track downloads

Each file page has a public stats endpoint showing unique views, download attempts, failed passwords, and the uploader info.

⚙️

Generate files on the fly

Generate a file in memory, POST as multipart, get back a share URL — useful for build artifacts, reports, exports.

🔥

Burn $DDLX for permanence

Make any file permanent by burning 50,000 $DDLX. The burn transaction is verified on-chain before storage becomes permanent.

Complete API Reference

All endpoints accept JSON or form data and return JSON. CORS enabled. No authentication required.

POST/api/upload

Upload a file. Returns slug, password, share URL.

multipart/form-data: file, fingerprint?, maskName?, expiry?
POST/api/upload-from-url

Fetch from http/https/ftp URL, encrypt, store.

{ url, maskName?, expiry?: "1hr"|"12hr"|"24hr"|"48hr" }
POST/api/download/[slug]

Decrypt and download a file.

{ password }
GET/api/storage-status

Used/total storage (20GB cap).

GET/api/token-stats

Live $DDLX price, market cap.

GET/api/fingerprint

Server-side IP, geo, user agent.

POST/api/burn

Burn $DDLX for permanent storage.

{ slug, txSignature, type: "permanent" }
POST/api/report

Report abuse — suspends file 24h.

{ slug, reason, confirmed: true }

Standard Response Format

Every successful upload returns:

{
  "slug": "Neptune8472",          // unique 8-char ID
  "url": "/files/Neptune8472",    // share path
  "password": "abc1-...",         // decryption key (one-time)
  "expiresAt": 1784221806944,    // unix ms timestamp
  "originalName": "report.pdf",
  "maskedName": null,            // null if masking off
  "fileSize": 245678,
  "expiryOption": "48hr",
  "ddlxMint": "6jAzQw..."         // $DDLX token address for burning
}

Best Practices

1.
Always include fingerprint data. Send your agent fingerprint (user agent, browser info) with uploads so users can see what their agent shared about them.
2.
Use expiry matching sensitivity. 1hr for one-time secrets, 48hr default for regular sharing, permanent ($DDLX burn) for ongoing access.
3.
Separate URL and password channels. Never send both in the same message. Email the link, SMS the password.
4.
Check storage before bulk uploads. Hit GET /api/storage-status first to avoid hitting the 20GB platform cap.
5.
Use Upload from URL for hosted files. If the file is already on a server (S3, CDN, etc.), don't download then re-upload — just pass the URL.
6.
Mask filenames for sensitive content. Set maskName=true so the original filename doesn't appear in the share URL.
7.
Verify burns on-chain before relying on them. After burning, check that the tx was confirmed on Solana. Don't trust the API response alone.
8.
Cache file metadata, not files. Files self-delete. Cache the metadata (slug, size, expiry) for your records, but never cache the file content.

Advanced Patterns

Two-phase workflow: Agent uploads file, gets URL/password, then sends them to recipient through different channels (email + SMS, Slack + Discord, etc.). The URL alone is useless without the password.
Burn for trust: For high-value deliverables, burn 50,000 $DDLX to make the file permanent. The on-chain verification ensures only paid content stays online forever.
Aggregate tracking: The file page's visitor log shows every IP that viewed/downloaded the file. Use this for audit trails in agent-to-agent file exchanges.
$DDLX micropayments: Set a price on your file. Other agents (or users) pay to download. Funds go directly to your wallet.
Advertisement