Privacy isn't a feature.
It's the architecture.

Most companies promise not to look at your data. We designed PrivStack so we can't — even if we wanted to, even if compelled by law.

Your productivity tools know too much.

Every note in a cloud app, every task in a SaaS tool, every event in an online calendar — accessible to employees, vulnerable to breaches, subject to subpoenas. "Trust us" isn't security. It's a liability.

Zero-knowledge. Zero exceptions.

Your data is encrypted on your device, with keys derived from your password. We never see your password. We never see your keys. We never see your data.

YOUR DEVICE
├── Your Password (plaintext only during unlock)
│   └── Argon2id (19 MiB memory, 2 iterations)
│       └── Master Key (never stored, re-derived on unlock)
│           ├── Entity Key 1 → Note 1 (ChaCha20-Poly1305)
│           ├── Entity Key 2 → Task 1 (ChaCha20-Poly1305)
│           ├── Entity Key 3 → Password (vault-locked)
│           └── Entity Key N → File N (vault-locked)
│
├── SHARING (optional)
│   ├── Entity keys can be shared per-peer
│   ├── ACLs enforced: Viewer / Editor / Admin / Owner
│   └── Password change → re-wrap keys, no re-encryption
│
└── Encrypted only ↓
    ├── P2P Sync (libp2p + QUIC + Noise protocol)
    ├── Relay (sees only encrypted packets)
    ├── Google Drive (ciphertext only)
    └── iCloud (ciphertext only)

WE NEVER SEE ANY OF THIS.

Your Password

Turned into an unbreakable key on your device

Your Master Key

Protects a separate lock for every note, task, and file

Your Data

Encrypted everywhere — on your device, in transit, and in any backup

We never see any of this.

Two-Tier Key Architecture

How Your Data Stays Protected

Each document gets its own random 256-bit encryption key. Your master key encrypts these per-document keys — not the documents directly. This means: changing your password re-wraps the key envelope without re-encrypting all your data. Sharing a document with a peer means sharing just that document's key, without exposing your master key. And compromising one document key doesn't compromise any others.

Every note, task, and file has its own separate lock. Your password protects a master key, which protects each document separately. If you change your password, your data doesn't need to be re-encrypted. If you share a document, only that document's key is shared — nothing else.

Cryptography Specifications

Component	Algorithm	Purpose
Content Encryption	ChaCha20-Poly1305	Authenticated encryption for all content (256-bit keys)
Key Derivation	Argon2id	Memory-hard password hashing (19 MiB, 2 iterations per OWASP 2023)
Key Wrapping	ChaCha20-Poly1305	Per-document key encryption with unique nonces
Transport	QUIC + Noise Protocol	Peer authentication and encrypted P2P connections
Peer Discovery	SHA-256	Sync code hashing for DHT namespace isolation
Random Generation	OS CSPRNG	Cryptographically secure randoms (96-bit nonces)
Hashing	BLAKE3	Fast, secure integrity checks
Memory Safety	Zeroize on Drop	Key material automatically cleared from memory

What We Use and Why

Military-grade encryption

Your data is protected with the same class of encryption trusted by governments and security experts worldwide. Even we can't break it.

Unbreakable password protection

Your password is turned into an encryption key using a process designed to be impossible for attackers to brute-force — even with specialized hardware.

Secure device connections

When your devices sync, they verify each other's identity and create a private, encrypted tunnel. No one can intercept or tamper with your data in transit.

Keys that clean up after themselves

Encryption keys are automatically wiped from memory the moment they're no longer needed, reducing the risk of memory-based attacks.

What We Don't Have

Your notes content — encrypted on your device
Your tasks — encrypted on your device
Your calendar events — encrypted on your device
Your passwords and TOTP secrets — encrypted in a separate vault
Your files — encrypted before storage or sync
Your password — never transmitted
Your encryption keys — derived locally, zeroed from memory after use
Your IP address (in app) — app doesn't phone home
Your usage patterns — no telemetry at all, we track nothing
Your sharing permissions — ACLs propagated as encrypted CRDT events

Your notes, tasks, or calendar events
Your passwords or login codes
Your files or documents
Your actual password
Your encryption keys
Your IP address — the app doesn't phone home
What you do in the app — we have zero tracking
Who you share with or what permissions you set

What We Do Have

Email address (account management)
License key (activation)
Payment info (via Stripe — we don't see card numbers)

That's it. The bare minimum for account management.

Sync Security

Peer-to-Peer Sync

Built on libp2p with QUIC transport (UDP, low-latency). Devices discover each other via mDNS (local network) or Kademlia DHT (global, opt-in). Peers authenticate using the Noise protocol, then establish encrypted connections. All sync traffic is end-to-end encrypted.

Pairing uses human-readable 4-word sync codes (e.g., "PEAR-MANGO-KIWI-GRAPE"). The code is SHA-256 hashed to create an isolated DHT namespace — only peers with the same code can discover each other. Peers must be manually approved before they become trusted.

Sharing with Others

P2P sync isn't just for your own devices. Share specific documents, notes, or files with other PrivStack users. Granular per-entity sharing means you choose exactly what each peer can access — nothing more.

Access is enforced at every sync gate: handshake, sync request, event send, and event receive. Peers without permission are filtered out before any data leaves your device.

Cloud Sync

Data is encrypted locally before upload. Your cloud provider (Google Drive, iCloud) stores only ciphertext — meaningless encrypted blobs they cannot decrypt. TLS protects the transport layer, and application-level E2E encryption protects the content.

Relays

When devices can't connect directly (NAT, firewalls), relays bridge the gap. All traffic through relays is end-to-end encrypted — relays see only encrypted packets and cannot read, modify, or correlate your data.

CRDT-Based Consistency

Sync uses Conflict-free Replicated Data Types (CRDTs) — mathematically guaranteed to converge. Vector clocks track causality across peers. Event IDs prevent replay attacks. Bidirectional delta sync means only missing events are exchanged, not full state.

Enterprise & Government-Grade Access Control

Share Safely With Your Team

PrivStack's sync engine includes a full role-based access control system with audit logging and team management — designed for organizations that need compliance-grade security without sacrificing the local-first architecture. Team and enterprise plans are actively being worked on.

Control exactly who can see or edit your shared items. Set up teams and track who accessed what — all without any cloud server. Team and enterprise plans are actively being worked on.

Permissions

Choose who can view, edit, or manage each shared item. Nobody gets access you didn't grant.

Teams

Group people into teams and give access to the whole group at once. Changes sync to everyone automatically.

Activity Log

See who accessed what and when. Every decision is recorded for your records.

Role-Based Access Control (RBAC)

Four-level role hierarchy enforced at every sync boundary:

Viewer — Read-only access to shared entities
Editor — Read and write access
Admin — Full control plus ACL modification
Owner — Ultimate authority over entity

Comprehensive Audit Logging

Every access decision is logged with full context:

Peer identity, entity, action type, and timestamp
Decision recorded: Allowed, Denied, or Filtered
In-memory circular buffer (10,000 entries) + persistent SQLite storage
Covers handshakes, sync requests, event sends, and event receives

Team Management

Group peers into teams for bulk access grants. Teams have roles on entities, with hierarchical resolution — the highest effective role applies. Add or remove team members, and access updates propagate automatically via CRDT-based ACL events.

Privacy-First Licensing

License keys are tied to your account, not your devices. No device fingerprinting, no hardware tracking, no limits on how many devices you use. We don't know or care which devices you own — your license, your rules.

ACL Propagation via CRDTs

Access control changes aren't just local — they replicate across peers as sync events, versioned and conflict-free like any other data. Grant a peer Editor access on your phone, and the permission propagates to all your devices automatically. Privilege escalation is prevented: only peers with Admin or Owner role can modify ACLs. The system supports per-peer grants, per-team grants, and default roles per entity.

Threat Model

What We Protect You From

Protected Against

PrivStack employees reading your data
Our servers getting hacked (we have minimal servers)
Cloud provider breaches (encrypted before upload)
Subpoenas to us (we can't decrypt what we don't have)
Man-in-the-middle attacks (QUIC + Noise protocol peer authentication)
Device theft (encryption at rest with Argon2id-derived keys)
Network eavesdropping (E2E encrypted in transit)
Replay attacks (event IDs and vector clocks prevent duplicates)
Unauthorized peer access (ACL-gated sync with role enforcement)
Malicious plugins (permission-based plugin model)
Privilege escalation (Admin+ role required to modify access controls)

Our employees reading your data
Our servers getting hacked — we barely have any
Your cloud storage being breached — they only have encrypted gibberish
Legal requests to us — we can't hand over what we can't read
Hackers intercepting your data in transit
Someone stealing your device — your data is still locked
Anyone snooping on your network
Bad actors trying to sneak in duplicate or fake data
Unauthorized people accessing your shared items
Plugins trying to access data you didn't allow
People trying to give themselves more access than they should have

Not Protected Against

Weak passwords (use a strong one)
Malware on your device (keep your device secure)
Forgetting your password (we can't recover it)
Physical coercion against you (no technology can prevent this)

No technology can fully protect against these threats.

Security Practices

Written in Rust

The entire core — CRDTs, sync engine, encryption, storage, and plugin host — is written in Rust. Memory-safe by default, preventing entire classes of security vulnerabilities at compile time.

Dependencies Audited

We use cargo deny to audit dependencies for known vulnerabilities. Crypto primitives use well-reviewed libraries (chacha20poly1305, argon2, blake3).

Signed Releases

All releases are cryptographically signed with SHA256 checksums published. Auto-updates verify signatures before applying.

No Silent Updates

Auto-update only with your consent. You control what runs on your device.

Automatic Key Zeroization

All key material implements the Zeroize trait — encryption keys are automatically cleared from memory when no longer needed, reducing the window for memory-based attacks.

Source-Available Under Polyform Strict

The Rust core engine, .NET desktop shell, and relay server are published on GitHub. Audit the encryption implementation, verify our claims, and confirm there are no backdoors. Don't trust us — read the code.

Compliance

GDPR Compliant

We can't access your data by design. Full compliance with European privacy law.

CCPA Compliant

Minimal data collection. Full compliance with California privacy law.