DEV Community


Designing a Zero-Trust Personal Information Manager with Client-Side Encryption

Pranav Kishan on December 20, 2025

I am a B.Tech Computer Science undergraduate at Amrita Vishwa Vidyapeetham who enjoys building privacy-focused systems and learning by deploying re...
Manav

This is genuinely solid work. You didn’t just build an app, you clearly thought through the security model end to end, and catching the static-key issue early shows good instincts. The user-derived key approach & short-lived signed URLs are exactly how zero-trust systems should be built.

What’s interesting is how naturally this could grow without breaking your design. If you ever move beyond purely personal use (shared vaults, delegated access, automation), confidential compute ideas, like running logic in TEEs on platforms such as Oasis, could fit nicely while keeping the same “don’t trust the server” mindset.

Really nice balance of practicality, security, and cost awareness. This is the kind of project that actually teaches you how systems fail in the real world.

Pranav Kishan

Thanks, I appreciate that. The static-key issue was a key turning point, and extending the same threat model to shared access and confidential compute is definitely on my list.

Mehrzad

Great example and solid work, thx for sharing this Pranav. Curious to know if you have got more feedback from users, and whether you have seen more interest from others in using this.
And how do you deal with search? Does data encryption introduce a challenge in search, especially as the data grows more and more?

Pranav Kishan

Thanks! Most feedback so far has been from family, friends, and privacy-focused users. Search is the main trade-off. Since the server only sees encrypted data, I handle search on the client by decrypting notes in memory and filtering locally. It works well for personal use, but it will need rethinking as the dataset grows.

Mehrzad

Great to hear this. Yes, search would be a challenge for big datasets, but also due to the whole encryption and privacy-preserving impl. How would you do it, keeping the encryption and privacy intact of course? Metadata? Indexing?

Pranav Kishan

For larger datasets, I’d lean toward client-side indexing with minimal encrypted metadata. The server stays blind, and search scales without breaking the privacy model. More advanced approaches exist, but they add complexity that isn’t needed yet.

sid

This is a solid example of actual zero-trust design, not just “encrypted at rest” marketing. Client-side key derivation & server seeing only ciphertext is the right call, and your pivot away from env-stored secrets shows good threat modeling. The serverless-monolith approach is also very pragmatic for personal projects.

If you ever want to push this further, the next interesting step would be verifiable or confidential server-side logic, e.g., TEEs for things like metadata processing or search, so even compute can be proven without exposing data. But as it stands, this is a clean, well-reasoned privacy architecture with real-world tradeoffs handled thoughtfully.

Pranav Kishan

Thank you, I really appreciate that. The shift away from env-stored secrets was a key design turning point, and I agree that TEEs or verifiable compute would be a natural next step if server-side logic ever expands beyond simple coordination.

Elite GAMER_007

Neat

Yash Bardia

Amazing work!

Adiseshan Ramanan

Nice @pranav_kishan_f81e2fc8327