๐Ÿ”’ 100% on-device ยท no cloud ยท no API key

Paste the gibberish.
Sift tells you what it is.

Any token, API error, JWT, certificate, log line, or webhook payload โ€” Sift identifies it, decodes every layer, and explains what it means and what to do next.

No cloud. No API key. Nothing ever leaves your Mac.

Download for macOS Try Pro Free

macOS 26 (Tahoe) ยท native (~1 MB) ยท 7-day trial, no card ยท on-device AI, local-first by design

paste  eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiโ€ฆ
jwtโ†’json
JWT (HS256) โ€” EXPIRED (3062 days ago)
alg: HS256   exp: 2018-01-18T02:30:22Z   sub: 1234567890
โœฆ EXPLANATION ๐Ÿ”’ on-device AI
This is an expired HS256 JWT. It uses a shared secret, so anyone holding that secret can forge tokens โ€” keep it server-side. The token expired long ago and should be rejected; re-issue a fresh one if the session is still valid.

Identify โ†’ decode โ†’ explain

Most tools make you guess what the thing is and pick the right converter. Sift recognizes it automatically, peels every layer into a visible decode chain, and โ€” because the deterministic core nails the facts first โ€” adds a short, on-device AI explanation on top.

๐Ÿ”Ž

Auto-detect

19 detectors compete by confidence โ€” base64, JWT, gzip, PEM/X.509, plist, hashes, YAML/XML and more. No menus, no guessing.

โ›“๏ธ

Decode chain

Double-URL-encoded JSON? gzip-in-base64? Sift recursively unwraps it and shows the full path: url โ†’ url โ†’ json.

โœฆ

Explain + next step

What it means and what to check next โ€” alg:none auth-bypass, expired certs, weak password hashes โ€” facts from the core, prose from on-device AI.

Built for the stuff that wastes your afternoon

The more code AI writes, the more opaque fragments you have to make sense of.

JWT & OAuth

Decode header/payload, humanize exp, flag expired tokens and unsigned alg:none.

Multi-layer payloads

URL-encoded โ†’ base64 โ†’ JSON, unwrapped automatically with the chain shown.

API / OAuth errors

invalid_grant & friends โ€” meaning, common causes, and a debug checklist.

PEM / certificates

Subject, issuer, validity, SAN, expiry โ€” from a hand-written ASN.1 parser, no Keychain.

Password hashes

bcrypt / argon2 / sha-crypt with work factor, plus bare-digest cracking warnings.

Messy logs & agent dumps

Scan a blob and Sift extracts every embedded artifact, decoding each on its own.

Privacy is the whole point

The things you paste โ€” tokens, secrets, production logs โ€” are exactly what cloud tools can't be trusted with. Sift is structurally incapable of leaking them.

๐Ÿ”’

Nothing leaves your Mac

Decoding is local. The AI explanation runs on Apple Foundation Models, on-device โ€” no network call, ever.

๐Ÿงฑ

Facts never depend on AI

A deterministic core owns correctness; the model only writes the summary. If it declines, you still get the verified answer.

๐Ÿ™ˆ

No account, no tracking

No account required for inspection. No inspected content is logged, tracked, or sent anywhere. License verification sends only your key โ€” never the content you inspect.

Buy once. Yours for good.

No subscription. No cloud cost. Sift runs locally on your Mac โ€” with a 7-day Pro trial, no card required.

Sift Pro
$39$19
launch price ยท normally $39 ยท 7-day free trial, no card
  • Unlimited artifact inspection
  • JWT, OAuth errors, certificates, hashes, logs & payloads
  • Recursive decode chain
  • On-device AI explanations
  • Scan messy logs / agent dumps
  • Batch & file parsing
  • Deep history, save & export
  • Global shortcut: copy โ†’ decode anywhere
  • No cloud. No API key. Nothing leaves your Mac.
Start 7-day trial

Launch price for early users. Includes all 1.x updates. License verification sends only your license key โ€” never the content you inspect.