How Zero Knowledge Works
We designed our architecture so we physically cannot access your data. Your password encrypts everything locally before it ever reaches our servers.
Encrypted before it moves
The moment you copy something, your master password is used to derive an encryption key with PBKDF2-SHA256 (400k iterations). The data is then encrypted with AES-256-GCM — right there, on your device — before anything happens.
const cipher = await aes256gcm.encrypt(data, key);
We only see gibberish
Only the encrypted ciphertext leaves your device. Our servers store blobs that look like random noise. We literally cannot read it — there is no server-side decryption key, no master password, no backdoor.
Only you can unlock it
Your other device downloads the encrypted blob and decrypts it locally using your password. The cycle is complete — and your data never existed anywhere unencrypted outside your own devices.
// → Your original clipboard item