The Vault Protocol

Understanding our Zero-Knowledge architecture and cryptographic guarantees.

01

End-to-End Encryption (E2EE)

All data is encrypted on your device before it ever reaches our servers. We use AES-256-GCM for symmetric encryption of your notes and metadata.

02

Zero-Knowledge Proofs

Your master password is never sent to our servers. We use cryptographic hashing (SHA-256 with PBKDF2) and salt to authenticate your session without knowing your key.

03

Key Derivation

Your encryption keys are derived dynamically on the client-side using a robust derivation function. This ensures that even if our database is compromised, your notes remain unreadable.

04

Open Source Cryptography

We rely on widely tested, open-source cryptographic libraries like CryptoJS. We don't roll our own crypto, ensuring industry-standard security.