PrivyNote is a minimalist, open-source platform for sharing encrypted notes that self-destruct after being read. It features end-to-end encryption, ensuring that even the server never sees the plaintext content of your notes.
- E2E Encryption: AES-GCM (256-bit) encryption performed entirely in the browser.
- Zero-Knowledge: The server stores only the ciphertext. The encryption key is never transmitted.
- Self-Destruction: Notes are deleted immediately after being read (optional).
- Expiration: Notes automatically expire after a set duration (10m, 1h, 1d, 7d).
- Rate Limiting: Protection against abuse.
- Privacy First: No tracking, no ads, no cookies, no localStorage.
- Framework: Next.js (App Router)
- Database: PostgreSQL
- ORM: Prisma
- Ciphers: WebCrypto API
- Styling: Tailwind CSS
- Clone the repository
- Install dependencies:
npm install
- Setup Environment:
Create a
.envfile based on.env.example:DATABASE_URL="postgresql://user:password@localhost:5432/privnote?schema=public" - Run Database:
docker-compose up -d db
- Apply Migrations:
npx prisma migrate dev
- Start Dev Server:
npm run dev
To run the entire stack with Docker:
docker-compose up --buildThe application will be available at http://localhost:3000.
- Key in Fragment: The encryption key is stored in the URL fragment (
#). Fragments are not sent to the server by browsers, maintaining zero-knowledge. - Token Hashing: The public identifier (
token) is hashed using SHA-256 before being stored in the database. - Memory Safety: Ciphertext is handled as JSON payloads. Plaintext only exists in the client's memory during encryption/decryption.