TaskNote

What is Client-Side Encryption?

TL;DR:

Client-Side Encryption means that the encryption process happens strictly on your device (phone or laptop) using your processor. The server only receives encrypted data. This is the opposite of Server-Side Encryption, where you send raw data to the cloud, and the cloud encrypts it for you (and thus keeps the keys).

✉️ The Envelope Analogy

Imagine you are sending a confidential contract to a storage facility.

  • Server-Side Encryption (Standard): You hand the contract to the facility manager. He reads it, puts it in an envelope, seals it, and puts it on a shelf. He promises not to open it again, but he sealed it, so he can unseal it.
  • Client-Side Encryption (TaskNote): You put the contract in a steel box at your home, lock it with your own padlock, and hand the locked box to the manager. The manager puts the box on the shelf. He cannot read the contract because he never saw it unlocked and doesn't have the key.

⚠️ The Great "Encryption" Deception

When apps like Notion, Slack, or Google Drive say they use "Bank-Grade Encryption" or "Encryption at Rest," they are talking about Server-Side Encryption.

This protects your data from thieves (breaking into the data center), but it does not protect your data from the company itself.

  • Their admins can view your data.
  • If they get a subpoena, they can decrypt your data.
  • If their authentication server is hacked, your data is exposed.

Client-Side Encryption removes trust from the equation. The server is treated as an "untrusted" storage bucket.

⚙️ How It Works in Your Browser

Many people think browsers are just for displaying web pages, but modern browsers have a built-in "Crypto Engine" (Web Crypto API).

  1. Input: You type a note in TaskNote.
  2. Processing: Before you hit save, your CPU takes your Encryption Key and the note text.
  3. Locking: It runs the AES-256 algorithm locally.
  4. Upload: The resulting "gibberish" is sent to our API.
Client-Side vs Server-Side Encryption Diagram

This consumes a tiny bit of your battery/CPU, but in exchange, it guarantees mathematical privacy.

🛡️ Why TaskNote Chose This Path

We believe that privacy is a human right, not a feature toggle.

By implementing Client-Side Encryption:

  1. Speed: Operations happen instantly on your device; we don't wait for the server to process text.
  2. Security: Even if the NSA installs a listening device on our internet cables, they will only intercept encrypted noise.
  3. Integrity: You can be 100% sure that no AI is training on your personal thoughts, because the AI on our server cannot read them.

❓ Frequently Asked Questions (FAQ)

Does this drain my battery?

Negligible. Modern phones have specialized chips for encryption (hardware acceleration). Encrypting a text note takes less energy than loading a single image on Instagram.

Can I search my notes if they are encrypted on the client?

Yes, but it works differently. TaskNote downloads your encrypted index, decrypts it locally in memory, and searches through it on your device. This is why our search is so fast—it's local.

Why don't all apps do this?

Because it's hard. Server-side encryption is easy to build and allows companies to sell your data for ads or AI training. Client-side encryption prevents them from monetizing your content, so they avoid it.

Your ideas belong to you, not a server.

Stop trusting corporations with your private data. Switch to TaskNote today.

Get TaskNote Free