TaskNote

What is Zero-Knowledge Architecture?

TL;DR:

Zero-Knowledge Architecture (or "No-Knowledge") is a system design where the service provider (us) hosts your encrypted data but does not have the keys to decrypt it. We manage the infrastructure, but we have mathematically "zero knowledge" of what is stored inside it.

🔐 The Storage Facility Analogy

To understand Zero-Knowledge, think of a high-security storage facility.

  • Standard Cloud (Dropbox, Google Drive): You rent a locker. The manager keeps a spare key "just in case you lose yours." This means the manager can open your locker anytime, check what's inside, or let the police in without asking you.
  • Zero-Knowledge (TaskNote): You rent a locker, but you bring your own padlock from home. You are the only person in the world with the key. The manager lets you into the building, but they physically cannot open your locker. If the police ask the manager what's inside, they can honestly say: "I have zero knowledge."

⚙️ How It Works

In a traditional application, when you log in, you send your password to the server. The server checks it and unlocks your data.

In a Zero-Knowledge system like TaskNote, the flow is strictly separated:

  1. Identity vs. Encryption: Your Master Password performs two separate functions.
  2. Hashing: One part is hashed (scrambled) and sent to the server just to prove you are who you say you are (Login).
  3. Decryption: The other part is used locally to generate an Encryption Key. This key never leaves your device.
Zero Knowledge Architecture Diagram: Server stores the Lock. You hold the Key.

Server stores the Lock. You hold the Key.

This ensures that while the server knows that you have data, it has no way of turning that data into readable text.

⚖️ Why It Is Critical for Privacy

Zero-Knowledge is not just a marketing term; it is a legal and technical shield.

  • Protection from Subpoenas: If a government agency demands your data from us, we can only hand over encrypted gibberish. We cannot be compelled to decrypt what we cannot read.
  • Protection from Hackers: If our servers are compromised, the attackers get nothing of value.
  • Protection from Us: You don't have to trust that TaskNote employees are honest. You only have to trust the mathematics.

🛡️ Zero-Knowledge in TaskNote

We designed TaskNote so that your privacy does not depend on our promises. It depends on your password.

When you create an account, your browser generates the keys. We store the encrypted blobs of your notes, tasks, and tags. We do not store your password or your encryption key.

This creates a strict "Trust No One" environment, where you are the sole owner of your digital life.

Secure Your Account

❓ Frequently Asked Questions (FAQ)

If I forget my password, why can't you reset it?

Because we don't know it. In a Zero-Knowledge system, there is no "admin backdoor." If you lose your password and your Recovery Key, your data is gone forever.

Does Zero-Knowledge apply to metadata?

Mostly. We cannot read your note content or titles. However, the server must know basic metadata to function, such as "User A has 50 encrypted files" or "Last sync was at 10:00 AM." We minimize this metadata as much as possible.

Can I share notes with others in a Zero-Knowledge app?

Yes, but it's more complex than usual. To share a note, your device must securely encrypt the note's key with the recipient's public key. It happens automatically in the background, but the server still acts only as a blind messenger.

Your ideas belong to you, not a server.

Stop trusting corporations with your private data. Switch to TaskNote today.

Get TaskNote Free