The Vault Protocol
Understanding our Zero-Knowledge architecture and cryptographic guarantees.
01
End-to-End Encryption (E2EE)
All data is encrypted on your device before it ever reaches our servers. We use AES-256-GCM for symmetric encryption of your notes and metadata.
02
Zero-Knowledge Proofs
Your master password is never sent to our servers. We use cryptographic hashing (SHA-256 with PBKDF2) and salt to authenticate your session without knowing your key.
03
Key Derivation
Your encryption keys are derived dynamically on the client-side using a robust derivation function. This ensures that even if our database is compromised, your notes remain unreadable.
04
Open Source Cryptography
We rely on widely tested, open-source cryptographic libraries like CryptoJS. We don't roll our own crypto, ensuring industry-standard security.