CryptoNotes Logo CryptoNotes
← Back to Home

Security Architecture

A deep dive into how CryptoNotes protects your privacy with 100% mathematical certainty.

01

E2E Encryption

Encryption happens entirely inside your browser. Before any message is sent to the server, it is processed through the AES-GCM 256-bit algorithm via the standard Web Crypto API.

Key Derivation

We use PBKDF2 with 100,000 iterations of SHA-256 to derive the encryption key from your random base key and password.

Gzip Compression

Data is compressed using Gzip (fflate) before encryption to optimize URL length for Zero-DB notes.

02

Zero Knowledge

The decryption key is generated randomly on your device and appended to the URL as a hash fragment (everything after the #).

Technical Fact: Browsers never send the hash fragment to the server.

Because we never receive the key, we have Zero Knowledge of your content. If a government or hacker compromised the database, they would only see a wall of encrypted "blobs" that are impossible to crack without your unique URL.

03

Storage Ecosystem

We offer two distinct ways to handle your encrypted data, allowing you to choose the perfect balance of convenience and absolute privacy.

Cloud Storage

Blobs are stored in the Blind Storage hub. This enables short links and managed features like "Burn after reading".

Zero-DB (Max Privacy)

The encrypted payload lives ONLY in the URL hash. Your browser never sends it to any server. Complete digital anonymity.

04

Blind Storage Hardening

When data is stored on the server, we treat it as a liability. The backend is "blind" by design.

  • Zero Metadata Tracking We do not store IP addresses, creation timestamps, or user agents. The server only knows when to delete the record.
  • Atomic Burn-and-Delete For one-time notes, the record is purged from the database the instant it is requested, ensuring no trail remains.
05

Sovereignty & Trust

Trust should be verified, not assumed. Every line of code running on this platform is open for public audit.

  • Frontend Transparency Inspect the exact encryption logic in your browser console at any time.
  • Pro-Persistance (Self-Hosting) The system is designed with a portable SQLite backend, allowing you to run your own instance with 100% control over the hardware.