A secure, end-to-end encrypted note sharing application with zero-knowledge architecture.
- AES-128-GCM encryption for note content
- Ed25519 digital signatures for edit authentication
- HKDF key derivation for secure token generation
- Short URLs (~24 characters) using base64url encoding
- Read Token: Allows decryption and viewing of notes
- Edit Token: Includes signing key for authenticated updates
- Tokens stored in URL fragments (never sent to server)
- Encryption happens entirely in your browser
- Server only stores encrypted data and public keys
- We cannot decrypt or read your notes
- No tracking, analytics, or user monitoring
- Encryption: AES-128-GCM with WebCrypto API
- Key Size: 128-bit AES keys (16 bytes)
- Signatures: Ed25519 for edit authentication
- Key Derivation: HKDF-SHA256 for deterministic key generation
- Nonce: 96-bit random IV for each encryption
- Token Format: Version header + key material in base64url
- Client-side encryption: All cryptographic operations in browser
- Authentication: Ed25519 signatures verify edit permissions
- Integrity: GCM mode provides authenticated encryption
- Forward secrecy: Each note has unique encryption keys
- No key escrow: Keys never leave the client
```bash
# Install dependencies
npm install
# Run development server
npm run dev
# Build for production
npm run build
# Start production server
npm start
```
Create a .env file with your database connection:
```
DATABASE_URL="postgresql://..."
```
```bash
# Run migrations
npx prisma migrate dev
# Generate Prisma client
npx prisma generate
```
- Next.js 15 with App Router
- TypeScript for type safety
- TailwindCSS for styling
- Web Crypto API for encryption
- Next.js Server Actions for API
- PostgreSQL database
- Prisma ORM for data access
- Stores only encrypted data and public keys
- Password protection (optional)
- Auto-expiration (1 hour to 1 month)
- Self-destruct after reading
- No server-side decryption capability
- Note Creation: Generate random master secret and derive encryption keys
- Encryption: AES-128-GCM encryption in browser with AAD binding
- Signature: Ed25519 signature for edit authentication
- Storage: Server stores encrypted data and Ed25519 public key
- Sharing: URL contains note ID + encryption tokens in fragment
- Decryption: Client-side only using token from URL fragment
- ✅ End-to-end encryption with AES-128-GCM
- ✅ Digital signatures for edit authentication
- ✅ Keys never sent to server (URL fragments)
- ✅ Zero-knowledge storage (we can't read notes)
- ✅ No tracking or analytics
- ✅ Open source and auditable
⚠️ Lost tokens = lost notes (no recovery possible)
MIT License - See LICENSE file for details
For security issues, please email security@yournotesyourkey.xyz
Contributions welcome! Please read our contributing guidelines before submitting PRs.