Notes you can deny you have.
An encrypted online notepad where one URL can hide many notebooks behind different passwords. Even we can't tell how many you have, or whether you have any. The closest thing to a deniable scratchpad you can open in any browser without installing anything.
Have a .fvault backup? Restore it to a new URL
No account. No email. Your password is your only key — we never see it. How does this compare to ProtectedText, Standard Notes, CryptPad, Privnote?
Bring your own storage
Prefer to keep the ciphertext on your own disk? Store the entire vault as a single .flowvault file and nothing ever reaches our servers.
Plausible deniability
Multiple passwords unlock different notebooks on the same URL. Decoys are cryptographically indistinguishable from random data.
We see nothing
Your password never leaves your browser. The server only stores opaque ciphertext plus your Argon2id salt.
Trusted handover
Pick a beneficiary and a check-in cadence. If you go quiet past the interval, a hand-wrapped key unlocks the vault for them — and nobody sooner.
Time-locked notes
Encrypt a message to a future moment. Nobody — not even us — can read it before the drand beacon publishes the unlock round. Optional password gate for when the link might travel through untrusted channels.
Lock a message →
Multi-notebook tabs
One password unlocks a whole workspace, not a single page. Add tabs, rename them, reorder them. Every tab lives inside the same encrypted slot, so titles and content are just as zero-knowledge as the notes themselves. Decoy passwords get their own independent tab set in their own slot.
Encrypted Send
One-shot notes that self-destruct after opening. Share a password, API key, or recovery phrase through a link that vanishes after the recipient reads it — or after an expiry you pick. The AES-256 key lives in the URL fragment, so our servers literally cannot decrypt it.
Send a secret →
Encrypted backup & restore
Download a vault as a single .fvault file — opaque ciphertext plus KDF parameters, no passwords inside. Restore on any Flowvault instance (including a self-hosted one) at a fresh URL and every slot, including decoys, comes back intact. A plaintext Markdown export is available too, behind a confirmation, for migrating out.
Bring your own storage
Prefer to keep the ciphertext off our servers entirely? Store the whole vault as a single .flowvault file on your device. Same hidden-volume format, same Argon2id + AES-GCM, same multi-notebook tabs — but reads and writes hit your disk via the File System Access API. Great for laptops you control, encrypted external drives, and anyone who treats “we can't see your ciphertext” as an even stronger claim than “we can't decrypt your ciphertext.” S3-compatible and WebDAV backends are on the roadmap.
Fully open source
Frontend, Cloud Functions, Firestore rules, and deployment config are all in the public repo. Audit every line that touches your data — or self-host the entire stack.
Why Flowvault instead of ProtectedText?
Flowvault isn't just a rebuild — it's a deliberate upgrade on almost every dimension that matters for a zero-knowledge notepad.
Memory-hard password hashing
Argon2id with 64 MiB of memory and 3 iterations per guess — the winner of the Password Hashing Competition and the OWASP-recommended default. ProtectedText today also uses Argon2id (32 MiB), but every save still uploads a parallel legacy blob keyed only by the raw password — bypassing Argon2 entirely if their database is ever stolen.
Authenticated encryption
AES-256-GCM detects any tampering with your ciphertext. ProtectedText-style AES-CBC is malleable: bitflips in the blob go undetected.
Hidden volumes
The killer feature. Hand over a decoy password under coercion and your real notebook stays invisible. No competing web notepad does this.
Multi-notebook tabs per password
A password isn't one page — it's a whole workspace. Add tabs, rename, reorder, delete. Titles and contents are encrypted together inside the slot, so the tab list is as zero-knowledge as the notes. Decoy passwords unlock their own independent tab sets.
Fixed-size ciphertext
Every Flowvault blob is exactly the same size no matter how much you write, so the server can't tell heavy users from light ones or count notebooks.
Optimistic concurrency
Edit in two tabs without losing work. Every write is CAS-protected by a version counter, so stale writes are rejected instead of clobbering fresh ones.
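The compare-and-swap rule described above, as an added example (not Flowvault's code): an in-memory store standing in for the database document, where a write carries the version the writer last read and is rejected if the stored version has moved on. Field names, the document id and the two-tab scenario are assumptions made for the demo; in the real product the same check would run inside a database transaction.

```javascript
// Added example, not Flowvault's code: optimistic concurrency with a version
// counter. Document shape { version, blob } and the id 'vault-1' are assumed.
class VaultStore {
  constructor() {
    this.docs = new Map(); // id -> { version, blob }
  }

  // A read hands back the version the caller must present on its next write.
  read(id) {
    const doc = this.docs.get(id);
    return doc ? { version: doc.version, blob: doc.blob } : { version: 0, blob: null };
  }

  // Compare-and-swap: the write only lands if expectedVersion equals the stored
  // version. A mismatch means someone else saved in between; the caller must
  // re-read, merge, and retry instead of overwriting their work.
  write(id, expectedVersion, blob) {
    const current = this.docs.get(id) ?? { version: 0, blob: null };
    if (current.version !== expectedVersion) {
      return { ok: false, version: current.version, blob: current.blob };
    }
    const next = { version: current.version + 1, blob };
    this.docs.set(id, next);
    return { ok: true, version: next.version };
  }
}

// Two browser tabs load the same vault, then both try to save.
function twoTabScenario() {
  const store = new VaultStore();
  store.write('vault-1', 0, 'ciphertext-v1');          // initial save -> version 1
  const tabA = store.read('vault-1');                    // both tabs see version 1
  const tabB = store.read('vault-1');
  const a = store.write('vault-1', tabA.version, 'ciphertext-from-A'); // lands -> version 2
  const b = store.write('vault-1', tabB.version, 'ciphertext-from-B'); // stale -> rejected
  // Tab B re-reads the fresh version, merges, and retries with the current version.
  const fresh = store.read('vault-1');
  const bRetry = store.write('vault-1', fresh.version, 'ciphertext-from-B-merged');
  return { a, b, bRetry, final: store.read('vault-1') };
}
```

The point of the rejected write is that tab B's stale ciphertext never replaces tab A's; a last-writer-wins store would silently drop A's edit.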
Upgradable KDF
Argon2 parameters are stored inside the vault, so we can raise the cost as hardware improves without breaking any existing vaults.
Open source, end to end
Not just the frontend — the Cloud Functions, the Firestore security rules, and the deployment config are all in the repo. You can audit every line that touches your data, or self-host the entire stack.
No ads, no tracking
Zero analytics, zero third-party scripts, zero ads. Your browser talks to Firestore and to nothing else.
Published threat model
We tell you honestly what we can and cannot defend against — including the cases where plausible deniability is weaker. No hand-waving.
Self-destructing Encrypted Send
A Bitwarden-Send / Privnote-style one-shot link, but account-less and open source end-to-end. The AES-256 key lives in the URL fragment (never reaches our servers), views are enforced by a Cloud Function that hard-deletes the bytes on the last read, and an optional password adds a second gate even if the link leaks.
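Two of the mechanisms in the Encrypted Send description can be shown without any real crypto: why a key in the URL fragment never reaches the server, and what "hard-delete on the last view" looks like as a server-side rule. The following is an added example, not Flowvault's code: it uses the `#k=` fragment name from the table below, but the `/s/<id>` route, the base64url key encoding, the in-memory store and the view/TTL field names are assumptions; the real service would do this inside a Cloud Function transaction.

```javascript
// Added example, not Flowvault's code. Route '/s/<id>', base64url key encoding
// and the in-memory SendStore are assumptions; '#k=' comes from the page.

// Build a share link whose decryption key rides in the fragment.
function buildSendLink(origin, sendId, keyBytes) {
  const url = new URL(`/s/${sendId}`, origin);
  url.hash = 'k=' + keyBytes.toString('base64url');
  return url.toString();
}

// What the browser actually sends in the HTTP request line: path and query only.
// The fragment is a client-side concept and is never transmitted.
function requestTarget(link) {
  const u = new URL(link);
  return u.pathname + u.search;
}

// Recipient side: recover the key from the fragment after the page has loaded.
function keyFromLink(link) {
  const params = new URLSearchParams(new URL(link).hash.slice(1));
  const k = params.get('k');
  return k ? Buffer.from(k, 'base64url') : null;
}

// Server side: stand-in for the transaction that serves ciphertext and deletes
// the document on its last permitted view or once its lifetime has passed.
// `now` is injectable so the expiry path can be tested deterministically.
class SendStore {
  constructor(now = () => Date.now()) {
    this.docs = new Map();
    this.now = now;
  }

  put(id, ciphertext, { views = 1, ttlMs }) {
    this.docs.set(id, { ciphertext, viewsLeft: views, expiresAt: this.now() + ttlMs });
  }

  // Returns the ciphertext (still encrypted; the server holds no key) or null.
  view(id) {
    const doc = this.docs.get(id);
    if (!doc) return null;
    if (this.now() >= doc.expiresAt) {
      this.docs.delete(id);               // expired: purge rather than serve
      return null;
    }
    doc.viewsLeft -= 1;
    if (doc.viewsLeft <= 0) this.docs.delete(id);  // last read: the bytes are gone
    return doc.ciphertext;
  }

  exists(id) {
    return this.docs.has(id);
  }
}
```

Because `requestTarget` strips the fragment exactly as a browser does, the server log for this link only ever contains `/s/<id>`; anyone who obtains the full link, however, has the key, which is why the optional password gate exists for links that travel through untrusted channels.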
Zero-knowledge backup & restore
Download a full vault as a .fvault file — the same ciphertext the server holds, never decrypted anywhere. Restore to any Flowvault instance (including self-hosted) at a fresh URL and every slot, including decoy passwords, is preserved. ProtectedText has no export or backup function; Flowvault's format makes migration and self-hosting a one-click flow.
Feature-by-feature
| Property | Flowvault | ProtectedText |
|---|---|---|
| Password-to-key derivation | Argon2id · 64 MiB · 3 iters · HKDF expansion | Argon2id · 32 MiB · adaptive ~300 ms |
| Legacy plaintext-password blob | No | Yes — every save uploads encryptedContentLegacy keyed only by the raw password |
| Encryption mode | AES-256-GCM (authenticated) | AES-256-CBC (unauthenticated) |
| Plausible deniability | Yes · hidden volumes | No |
| Fixed-size ciphertext | Yes | |
| Tamper detection | Yes (AES-GCM) | No (AES-CBC, unauthenticated) |
| Two-tab edit safety | CAS version counter | Last-writer-wins |
| Multi-notebook tabs per password | Yes (inside the same encrypted slot; titles + order are encrypted too) | One note per page (tabs, if any, are per-URL) |
| Time-locked notes | Yes (drand + optional password) | |
| Self-destructing one-time notes | Yes (AES-256, URL-fragment key, server-enforced view count + TTL, optional password) | |
| Trusted handover to a beneficiary | Yes | |
| Open source | Frontend + Functions + Firestore rules | Client JS only (server code closed, per their FAQ) |
| Ads / trackers | None | None |
| Account required | No | No |
| Self-hostable | Yes (entire stack) | No (server code closed) |
| Bring Your Own Storage (vault lives on your device, not our servers) | Yes — .flowvault local file via the File System Access API; S3-compatible & WebDAV planned | |
| Encrypted backup / restore | Yes — .fvault file preserves all slots, no password inside | No — notes only leave the browser as a manual copy-paste |
| Plaintext export (Markdown) | Yes — current slot only, with explicit confirmation | |
Comparison reflects ProtectedText's publicly documented behavior at time of writing. Corrections welcome via GitHub.
Encrypted Send vs. Privnote, Bitwarden Send, 1Password Share
Burn-after-reading links aren't new; Flowvault's take is to make one that's account-less, open source end-to-end, and lives alongside your long-lived vault and time-locks under a single URL.
| Property | Flowvault Send | Privnote | Bitwarden Send | 1Password Share |
|---|---|---|---|---|
| Open source end-to-end | Yes — frontend, Cloud Functions, and Firestore rules all in one public repo | No — server is closed; only inspectable client JS | Partial — Bitwarden clients and server are open, but the hosted service runs their own infrastructure | No |
| Account-less for the sender | Yes | Yes | No (Bitwarden account) | No (requires paid subscription) |
| Self-hostable | Yes | No (server closed) | Yes (Vaultwarden or official self-host) | No |
| Encryption | AES-256-GCM (authenticated) | AES (CBC in public docs; unauthenticated) | AES-256-CBC with HMAC | AES-256-GCM |
| Decryption key location | URL fragment (#k=…); server never sees it | URL fragment | URL fragment | URL fragment |
| Optional password on top of link | Yes (Argon2id + AES-GCM, same FVPW frame as time-locks) | Paid tier only | ||
| Server-enforced view cap (atomic hard-delete) | Yes — Cloud Function transaction deletes on last view | Yes (default 1 view) | Yes | Yes |
| Max lifetime | 30 days | 30 days | 31 days | 30 days (14 on lower tiers) |
| File attachments | Text only (on the roadmap) | Text only | Paid tier | |
| Price | Free | Free + paid tier | Free (text) · paid for files / advanced options | Requires paid 1Password subscription |
| Lives next to a long-lived zero-knowledge vault + time-locked notes | Yes | | Password manager, not a notepad | Password manager, not a notepad |
Comparison reflects publicly documented behavior of each service at time of writing. Corrections and additions welcome via GitHub.
Need something like this, built right?
Flowvault is built by Flowdesk, a small studio that ships privacy‑first web apps, end‑to‑end encrypted systems, crypto/web3 products, and native & hybrid mobile apps — the kind of engineering where getting the details wrong is the whole story. If you want a product where “the server can't read your data” is a real claim and not a marketing line, we should talk.
Flowvault
Zero-knowledge encrypted notepad
The app you're reading. Argon2id + AES‑256‑GCM, hidden‑volume plausible deniability, drand‑backed time‑locked notes, dead‑man's switch to a beneficiary, Bring‑Your‑Own‑Storage local vaults, and self‑destructing Encrypted Send. Frontend, Cloud Functions, and Firestore rules — open source end‑to‑end.
Firestudio
Open-source Firebase Firestore GUI
A desktop GUI client for Firebase Firestore — browse, query, and edit collections visually without the console round‑trips. Same Firebase depth that powers Flowvault's zero‑knowledge storage layer, packaged as a developer tool. TypeScript + Electron, MIT‑licensed, ships on Windows, macOS, and Linux.
FlowCrypt
End-to-end encrypted email (OpenPGP)
Senior iOS & Chrome Extension Engineer · 2022–2026
Four years shipping production cryptography at FlowCrypt, a PGP‑for‑email product used by privacy‑sensitive teams and regulated industries. Owned the iOS app and the Chrome / browser extension end to end — OpenPGP key generation and storage, passphrase‑protected keychains, Gmail / IMAP integration, and the crypto flows users actually touch every day — plus review and QA on the Android codebase. Same engineering bar Flowvault is held to, on a much larger install base.
Have a privacy, crypto, or mobile project?
We take a limited number of client engagements each quarter. Typical work: end‑to‑end encrypted products, crypto wallets and web3 frontends, native and hybrid mobile apps (Swift, Kotlin, React Native, Flutter), AI orchestration & agent systems, and the Firebase / Next.js / Cloud Functions stack that Flowvault itself runs on. Remote, worldwide, async‑friendly.
Typical engagement: 2–12 weeks, from discovery through production release and handover.
Keep Flowvault private — and alive.
Flowvault runs on the honor system. We don't show ads, we don't sell data, and we don't require an account — not even to accept donations. That's a deliberate choice, and it means the usual ways an app pays for itself aren't available to us. If Flowvault has earned a spot in your workflow, a small crypto donation keeps the servers paid and the features shipping.
Donations go through the NOWPayments donation widget — 100+ coins, a fresh deposit address for each donation, and no donor sign-up or email required. Pick Monero if you want the most private option.
Not in a position to donate? Totally fine — use Flowvault, tell a friend, or star the repo. That helps just as much.
“Aren't these just nice-to-haves?”
No. If your threat model is “a determined adversary who might coerce a password out of me,” plausible deniability is the difference between losing one notebook and losing all of them. If your threat model is offline brute force of a leaked blob, Argon2id raises the cost by 3+ orders of magnitude over iterated SHA-512. If your threat model is an untrusted server operator, authenticated encryption is the difference between “they corrupt your notes silently” and “they can't, and you'll know if they try.”
Read the security design, the FAQ, or the blog for per-feature deep dives and honest competitor comparisons.