Notes you can deny you have.
An encrypted online notepad where one URL can hide many notebooks behind different passwords. Even we can't tell how many you have, or whether you have any. The closest thing to a deniable scratchpad you can open in any browser without installing anything.
No account. No email. Your password is your only key — we never see it. How does this compare to ProtectedText, Standard Notes, CryptPad, Privnote?
Plausible deniability
Multiple passwords unlock different notebooks on the same URL. Decoys are cryptographically indistinguishable from random data.
We see nothing
Your password never leaves your browser. The server only stores opaque ciphertext plus your Argon2id salt.
Dead-man's switch
Arm a vault to auto-release to a beneficiary password if you stop checking in. Wrapped key is client-side; release is server-scheduled.
Time-locked notes
Encrypt a message to a future moment. Nobody — not even us — can read it before the drand beacon publishes the unlock round.
Why Flowvault instead of ProtectedText?
Flowvault isn't just a rebuild — it's a deliberate upgrade on almost every dimension that matters for a zero-knowledge notepad.
Memory-hard password hashing
Argon2id with 64 MiB of memory and 3 iterations per guess — the winner of the Password Hashing Competition and the OWASP-recommended default. ProtectedText today also uses Argon2id (32 MiB), but every save still uploads a parallel legacy blob keyed only by the raw password — bypassing Argon2 entirely if their database is ever stolen.
Authenticated encryption
AES-256-GCM detects any tampering with your ciphertext. ProtectedText-style AES-CBC is malleable: bitflips in the blob go undetected.
Hidden volumes
The killer feature. Hand over a decoy password under coercion and your real notebook stays invisible. No competing web notepad does this.
Fixed-size ciphertext
Every Flowvault blob is exactly the same size no matter how much you write, so the server can't tell heavy users from light ones or count notebooks.
Optimistic concurrency
Edit in two tabs without losing work. Every write is CAS-protected by a version counter, so stale writes are rejected instead of clobbering fresh ones.
Upgradable KDF
Argon2 parameters are stored inside the vault, so we can raise the cost as hardware improves without breaking any existing vaults.
Open source, end to end
Not just the frontend — the Cloud Functions, the Firestore security rules, and the deployment config are all in the repo. You can audit every line that touches your data, or self-host the entire stack.
No ads, no tracking
Zero analytics, zero third-party scripts, zero ads. Your browser talks to Firestore and to nothing else.
Published threat model
We tell you honestly what we can and cannot defend against — including the cases where plausible deniability is weaker. No hand-waving.
Feature-by-feature
| Property | Flowvault | ProtectedText |
|---|---|---|
| Password-to-key derivation | Argon2id · 64 MiB · 3 iters · HKDF expansion | Argon2id · 32 MiB · adaptive ~300 ms |
| Legacy plaintext-password blob | No | Yes — every save uploads encryptedContentLegacy keyed only by the raw password |
| Encryption mode | AES-256-GCM (authenticated) | AES-256-CBC (unauthenticated) |
| Plausible deniability | Yes · hidden volumes | |
| Fixed-size ciphertext | | |
| Tamper detection | | |
| Two-tab edit safety | CAS version counter | Last-writer-wins |
| Time-locked notes | Yes (drand) | |
| Dead-man's switch | Yes | |
| Open source | Frontend + Functions + Firestore rules | Client JS only (server code closed, per their FAQ) |
| Ads / trackers | None | None |
| Account required | No | No |
| Self-hostable | | |
Comparison reflects ProtectedText's publicly documented behavior at time of writing. Corrections welcome via GitHub.
Keep Flowvault private — and alive.
Flowvault runs on the honor system. We don't show ads, we don't sell data, and we don't ask for your email — not even to accept donations. That's a deliberate choice, and it means the usual ways an app pays for itself aren't available to us. If Flowvault has earned a spot in your workflow, a small crypto donation keeps the servers paid and the features shipping.
We deliberately skip payment gateways like Plisio and NOWPayments, because even their crypto flows ask donors for an email for a receipt. Instead we publish raw wallet addresses you can send to directly — no middleman, no forms, no trace. Even the donation stays zero-knowledge.
Not in a position to donate? Totally fine — use Flowvault, tell a friend, or star the repo. That helps just as much.
“Aren't these just nice-to-haves?”
No. If your threat model is “a determined adversary who might coerce a password out of me,” plausible deniability is the difference between losing one notebook and losing all of them. If your threat model is offline brute force of a leaked blob, Argon2id raises the cost by 3+ orders of magnitude over iterated SHA-512. If your threat model is an untrusted server operator, authenticated encryption is the difference between “they corrupt your notes silently” and “they can't, and you'll know if they try.”
Read the security design or the FAQ for more.
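The difference between authenticated and unauthenticated encryption described above, as an added example that is not Flowvault's or ProtectedText's code. It uses Node's built-in crypto module; the random key (a stand-in for a password-derived key), the note text and all function names are constructed for illustration.

```javascript
// Added example, not Flowvault's or ProtectedText's code. Key and note are constructed.
const nodeCrypto = require('node:crypto');

const key = nodeCrypto.randomBytes(32); // stand-in for a password-derived key
const note = Buffer.from('rev 1 of my private note');

function encryptCbc(plaintext) {
  const iv = nodeCrypto.randomBytes(16);
  const c = nodeCrypto.createCipheriv('aes-256-cbc', key, iv);
  return { iv, ct: Buffer.concat([c.update(plaintext), c.final()]) };
}
function decryptCbc({ iv, ct }) {
  const d = nodeCrypto.createDecipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([d.update(ct), d.final()]);
}
function encryptGcm(plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function decryptGcm({ iv, ct, tag }) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws if the tag fails
}

// Simulate a storage-side modification: flip one bit at a given byte offset.
function flipBit(buf, offset, mask = 0x01) {
  const out = Buffer.from(buf);
  out[offset] ^= mask;
  return out;
}

// CBC: a bit flipped in the IV flips the same bit of the first plaintext block,
// and decryption completes without any error.
function cbcTamperResult() {
  const blob = encryptCbc(note);
  return decryptCbc({ ...blob, iv: flipBit(blob.iv, 4) }).toString();
}

// GCM: the same single-bit change to the stored blob is rejected at decryption.
function gcmTamperDetected() {
  const blob = encryptGcm(note);
  try { decryptGcm({ ...blob, ct: flipBit(blob.ct, 4) }); return false; }
  catch (e) { return true; }
}

console.log(cbcTamperResult());   // "rev 0 of my private note"
console.log(gcmTamperDetected()); // true
```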