Documentation
Technical documentation and guides for SecureVault
Quick Start
Get up and running in minutes
Security Model
How we protect your data
Encryption
AES-256-GCM implementation details
API Reference
For developers and integrations
Quick Start
- Create an account - Sign up using Google or GitHub OAuth
- Create your first memo - Click "New Memo" on the dashboard
- Set an encryption password - Choose a strong, unique password
- Save your memo - Your content is encrypted before leaving your device
Security Model
Zero-Knowledge Architecture
SecureVault employs a zero-knowledge security model. This means:
- All encryption/decryption happens in your browser
- Your password never leaves your device
- We only store encrypted ciphertext
- Even with full database access, your data is unreadable
Encryption Details
AES-256-GCM
We use AES-256-GCM (Galois/Counter Mode) for all encryption:
- Key Derivation: PBKDF2 with 100,000 iterations
- IV: Randomly generated 12-byte IV per encryption
- Authentication: GCM provides built-in authentication
- Salt: Unique 16-byte salt per memo
Data Format
{
"salt": "base64-encoded-salt",
"iv": "base64-encoded-iv",
"ciphertext": "base64-encoded-encrypted-data",
"version": 1
}API Reference
SecureVault provides a REST API for programmatic access. All API requests require authentication via Bearer token.
Endpoints
GET /api/memos - List all memos
POST /api/memos - Create a new memo
GET /api/memos/:id - Get a specific memo
PATCH /api/memos/:id - Update a memo
DELETE /api/memos/:id - Delete a memo