Viewport Too Small

Your screen resolution is below the minimum supported width. Please resize your window or use a larger device for the best experience.

PROCESSING...

✦ ZeroNote Architecture

The Threat Model

Standard cloud note apps store data in plaintext or manage the encryption keys for you. A database breach or a rogue admin compromises your sensitive data. Implicit trust in third-party providers is a fundamental security flaw.

Zero-Knowledge Design

ZeroNote implements a strict Zero-Knowledge Architecture. End-to-End Encryption (E2EE) happens entirely client-side. Raw data—including note titles and content—derivation salts, and Master Keys never leave your browser context. Our backend only stores blind ciphertext.

Technical Specs

  • Authentication: Stateless session tokens validated via SHA-256 signatures, combined with strict anti-CSRF mechanisms.
  • Credential Protection: Passwords are salted and hashed using SHA-256 before being stored in the database.
  • Client-Side Crypto: Keys are derived using PBKDF2 via the native Web Crypto API. Data is symmetrically encrypted using AES-256-GCM before network transmission.
  • Infrastructure: The backend is completely decoupled from the encryption logic, functioning strictly as a blind storage layer.

Cryptographic security by default. Trust minimized by design.

ZeroNote

A minimalist, client-side encrypted note. Zero-knowledge architecture ensures your plaintext notes and encryption keys never hit our backend.

Sign In

New here? Create an account

Create Account

Already registered? Sign In

Vault Locked

Enter your Master Basic Key to derive your decryption keys. This operation runs 100% locally in your browser context.