> ## Documentation Index
> Fetch the complete documentation index at: https://mux.coder.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Message Sharing

> Share encrypted messages with cryptographic signatures via Mux

Mux lets you share assistant messages via [mux.md](https://mux.md), an end-to-end encrypted paste service. Shared messages can also be cryptographically signed to prove authorship.

<img src="https://mintcdn.com/mux/cN5dYkVJIwYOdZUB/img/message-sharing.webp?fit=max&auto=format&n=cN5dYkVJIwYOdZUB&q=85&s=f94d805679f07bf0c20c01cd908e988b" alt="Sharing" width="2894" height="1694" data-path="img/message-sharing.webp" />

## How sharing works

1. **End-to-end encryption**: Content is encrypted in your browser using AES-256-GCM before upload. The encryption key stays in the URL fragment and is never sent to the server.

2. **Optional signing**: When a signing key is available, Mux signs the content with your private key. Recipients can verify the signature on mux.md.

3. **Expiration**: Shares can expire after 1 hour, 24 hours, 7 days, 30 days, or never. You can change expiration after sharing.

## Message signing

Signing proves that you authored a shared message. When enabled, mux.md displays your GitHub username alongside a “Verified” badge.

### Signing key discovery

Mux looks for a signing key in these locations (first match wins):

1. `~/.mux/message_signing_key` — Mux-specific key (can be a symlink)
2. `~/.ssh/id_ed25519` — standard SSH Ed25519 key
3. `~/.ssh/id_ecdsa` — standard SSH ECDSA key

Mux can also sign using keys loaded in your SSH agent when `SSH_AUTH_SOCK` is set (for example,
1Password's SSH agent). Agent-backed keys are preferred over the default `~/.ssh/id_*` files.

<Tip>
  To reuse an existing key without copying it:

  ```bash theme={null}
  ln -s ~/.ssh/id_ed25519 ~/.mux/message_signing_key
  ```
</Tip>

### Supported key types

* **Ed25519** (recommended) — fast, secure, 32-byte keys
* **ECDSA** — P-256, P-384, and P-521 curves supported

Encrypted key files (passphrase-protected) are skipped automatically unless the key is available via ssh-agent.

### GitHub identity detection

To display your GitHub username on signed shares, Mux detects your identity via the GitHub CLI:

```bash theme={null}
gh auth status
```

If you're logged in with `gh auth login`, your GitHub username appears on mux.md alongside the signature verification.

<Note>
  GitHub CLI is optional. Without it, shares are still signed—recipients just see the public key
  fingerprint instead of your username.
</Note>

### Enabling/disabling signing

Click the pen icon in the share popover to toggle signing on or off. This setting persists across sessions.

When signing is disabled (or no key is found), shares are still encrypted—they just won’t include a signature.

## Using shared content in Mux

Mux can read mux.md URLs using the `web_fetch` tool. When you paste a mux.md link into chat, Mux decrypts the content client-side and makes it available to the assistant.

This enables several workflows:

* **Cross-session sharing**: Move context or instructions between workspaces in the same Mux client
* **Team collaboration**: Send encrypted snippets to teammates who can paste them into their own Mux sessions
* **Preserving context**: Save important outputs and retrieve them later in new conversations

Paste any `https://mux.md/<id>#<key>` URL into your message, and Mux will fetch and decrypt the content.

<Tip>
  The encryption key (after `#`) never leaves your client. Only the encrypted blob travels over the
  network.
</Tip>

## Generating a signing key

If you don’t already have an SSH key, generate one:

```bash theme={null}
# Ed25519 (recommended)
ssh-keygen -t ed25519 -f ~/.mux/message_signing_key -N ""

# Or ECDSA
ssh-keygen -t ecdsa -b 256 -f ~/.mux/message_signing_key -N ""
```

The `-N ""` flag creates a key without a passphrase (required for Mux to use it automatically).