notes app

Application for taking notes with capabilities to view all content from any device while keeping all data accessible by you only.

The app is designed to run on Windows, Linux, Android, MacOS and iOS along with a web version accessible directly from any browser.

Download on your phone, save important information, download on your computer, easily pair the applications and enjoy your content from anywhere!

Application is easy to use, mostly self explanatory with hints and example in case you get lost.

Please note, if you forget your password or lose your device, all your data is lost and cannot be recovered.

App contains multiple safe mechanisms to prevent undesired behaviour such as overwriting notes that have been changed from other device.

quick guide

Users can create notes with no markdown or text styling ability.

Notes can be re-organized to one's liking by holding and dragging them around.

Colors of notes in preview can be changed to any color either individually or all at once.

Note preview can be blurred out and whole notes can be protected by a password.

Users may use the built-in feedback system to communicate with the developer, who might reply.

owner key

Your notes are tied to your owner key, which is randomly generated on first time running the app. It is also used to encrypt and decrypt your notes.

You can change your owner key, allowing you to use the same one across multiple devices in order to sync notes.

Owner key is saved on the device in an encrypted form. If somebody takes over your device, they can open the notes app and see your notes.

If you use a third-party system to lock the app, an attacker, with access to the device, might still be able to find and decrypt your owner key.

For this scenario, there is an option to encrypt the owner key with a user-specified password, which must be entered after opening the app.

Owner key is sent to server hashed using sha256 algorithm. Losing your owner key or the custom password makes your notes unrecoverable.

note mismatch prevention

Imagine a scenario in which you open a note on your phone and computer. You might make changes to the note on computer and save them.

You leave house with your phone, where the note might still not be updated, showing the old version. Now you make some changes on your phone.

If you try to save them, what happens? Are the old changes overwritten? No, an alert shows up, informing you of the situation.

At this point you might either overwrite the old changes or not save the new changes. Possibly compare the differences across your devices.

note passwords

It is possible to add password to notes which will be required each time user wants to access the note.

This password is used to encrypt the note content and is never saved meaning if you ever forget it - you will lose the note.

encryption

All data entered into the app is securely encrypted or hashed before being sent to server and can only be decrypted by its creator.

- 1. your note in plain text

- 2. optional AES128 - you set password to selected note which is then used as an encryption key (the password is sent to server hashed using sha256)

- 3. AES256 - encryption key based on your owner key (the owner key is sent to server hashed using sha256 and can be encrypted locally with a password)

- 4. AES256 - encryption key is different for each session and is generated using Diffie-Hellman key exchange (server logs are being purged frequently)

There are a few exceptions to this rule. Bear in mind all exceptions still go through the encrypted tunnel, being unreadable to third-party authorities.

This means, in their plain state, they are only accessible to you and people who can access the database - being me, the developer, only.

The first exception is the feedback system. All messages sent either to, or from, the developer. This includes message title and content.

The second exception are note creation dates, message creation dates in the feedback system and a status whether message has been seen by the receiver (yes/no).

showcase

1/4

computer notes list

2/4

computer note preview

3/4

phone note list

4/4

phone note preview

❮ ❯

additional information

Detailed changelog can be viewed here.

Current to-do list can be found on the github page.

compiled binaries

source code

we keep it simple!

All data entered into any of the applications is encrypted or hashed in a way that nobody, except you, can access it in plain state

The developer, rikodot, is sole maintainer of the database and the public api.

Only way to access users' data in plain state, as of today, requires device access.

Applications support an optional master password as an additional layer of protection to device access.

More information on this matter can be found in each app's documentation.

There are reasonable exclusions to this rule (e.g. sending feedback to us directly through the app),

in such cases some levels of encryption might be omitted for obvious reason. All exclusions are documented.

Users can request deletion of any or all of their data at any time through the feedback system in related app or by email.

Lastly, no telemetry is collected and no ads are served. Only the data you enter in the app manually can be send to the server.

Users are recognized by a randomly generated identifiers, unrelated to any personal or device information.

Legal version can be found here.

memo