I think you could use AES encryption to generate base64 URLs from cleartext. They will be long and ugly, but reversible with a key and not requiring the database.

Yes, true, did not think about the database. Then no, it cannot be verifiably trustless. Whoever has access to the database can spy on and change the links.

Thanks for your feedback. However, Github Pages only allows static content as far as I know and I need a database in the background with some logic around it. Therefore, I don't see how this would add more security, right? As long as you can be sure that your secret has been correctly encrypted on the client side, it shouldn't matter that match if the storage server is trustworthy or not.

stacks

bitcoin

Verifiably secure dead drop to share bitcoin addresses and other secrets

Host it on Github Pages with automated deployment with Github Actions. That way the source code can be verifyably trustworthy.