I built 50+ developer tools that run entirely in your browser — here's why privacy matters and how I did it

Every week I open a new browser tab and search for something like "json formatter online" or
"jwt decoder" or "regex tester". And every week I land on a site that:

• Shows me three ad banners before I can see the tool
• Requires me to create an account to "save" my work
• Is quietly uploading my payload to their server

That last one bothers me most. Developers paste real things into these tools — JWT tokens
with live user data, passwords they're about to deploy, private keys, internal API responses.
Most people assume these tools are "just a webpage" and nothing is being sent anywhere. Often
that's not true.

So I built SnapTxt — a collection of 50+ developer utilities that run
100% client-side. No backend. No account. No tracking. Your data never leaves your browser.

What's in it

The toolkit covers the things I reach for most often:

Data & text

• JSON formatter, validator, minifier, diff, tree explorer
• SQL formatter
• XML formatter
• YAML → JSON, CSV → JSON converters
• Base64 encode/decode, URL encoder, hash generator

Auth & security

• JWT decoder & generator
• RSA key generator
• bcrypt generator
• x.509 certificate decoder
• Password generator

Images

• Image compressor
• Image format converter
• Image to text (OCR via Tesseract.js)
• SVG to PNG, favicon generator, code-to-image

Frontend / CSS

• Regex tester
• CSS gradient generator, box shadow generator
• Color converter
• Mermaid live editor
• HTML live editor, HTML to Markdown, HTML to JSX
• Cron expression builder

And more — word counter, text diff, unix timestamp, lorem ipsum, QR code generator,
markdown to PDF, and a collection of Australian and NZ business number validators.

How it's built

It's a Next.js app deployed as a fully static export to Firebase Hosting. There is no server.
Every tool runs in the browser using:

• CodeMirror 6 for editor-style inputs
• Tesseract.js for OCR (runs a WASM binary in a web worker)
• Chrome's built-in Prompt API (Gemini Nano) for the AI explain features in JSON, SQL, and JWT tools — meaning even the AI inference is on-device

The static export also means it works offline after the first load.

The privacy model

The privacy guarantee isn't a policy — it's an architecture fact. When there's no server,
there's nothing to send data to. You can verify this by opening DevTools and watching the
Network tab while you use any tool. The only requests are for static assets.

This matters for developers specifically. If you're debugging a production JWT, you probably
shouldn't be pasting it into a random website. Same for passwords, private keys, internal
JSON payloads, and database query results.

What I'd love feedback on

• Which tools are missing that you reach for regularly?
• Are there tools where the "no server" constraint is actually a limitation?
• Anything broken or slow on your device/browser?

Check it out at snaptxt.app — and if you find it useful, I'd really
appreciate a share or a link.