Zero-Knowledge Vault
InfoHub
Your master password never leaves this browser. The browser derives the keys locally, signs API requests locally, and encrypts every entry with AES-256-GCM before anything reaches Cloudflare or D1.
Master Password Required
Cloudflare still sees network metadata required to serve the app, but it should only ever receive ciphertext plus signed requests. Titles, content, and client timestamps stay encrypted at rest and in transit.