privacy

Last updated: April 2026

Plain-English explanation of how Trophic handles your data. I am the sole developer of this app — there is no “we”, no team, no investor looking at your logs.

My stance

I don't want to read your logs. That's why Trophic ships opt-in zero-knowledge encryption: when enabled, your entries are encrypted in your browser before they leave your device, and I cannot decrypt them. The database only ever sees ciphertext. If a government or a hacker forced me to open my database, all they would find is static.

Zero-knowledge mode is opt-in. By default, entries are stored as plaintext so folder queries and pattern aggregation work on the server. Even then, I do not read individual entries.

How to enable zero-knowledge encryption

  1. Open Settings → Security → zero-knowledge encryption and tap opt in →.
  2. Enter your current password. A Master Key is generated locally in your browser and wrapped under a key derived from your password (Argon2id, 64 MiB memory, 3 iterations); the wrapping itself is AES-GCM-256. Accounts that opted in before April 2026 used PBKDF2-SHA256 at 600,000 iterations and silently upgrade to Argon2id on their next unlock.
  3. Write down the 12-word recovery phrase somewhere offline. It is the only way back in if you forget your password — not even I can recover it for you.
  4. Confirm. Every existing entry, folder name, and tag is re-encrypted locally and then uploaded as ciphertext in one atomic swap. From that moment on, the server sees only AES-GCM-256 ciphertext and HMAC-SHA256 tag hashes.

This is a one-way door. Once enabled, there is no “turn it back off” — undoing it would require re-uploading plaintext, which defeats the point. If you want plaintext access again, export your data (below) and start a fresh account.

Trusted devices — instant unlock

By default, every fresh tab asks for your password and re-derives the wrapping key with Argon2id. This is correct behaviour and the password never leaves the browser, but on a device you actually own and trust it's also friction. The unlock screen has an opt-in trust this device checkbox.

When you tick it: the browser generates a per-device AES-GCM key inside the Web Crypto API, marked non-extractable: it can be used by the browser's crypto engine, but JavaScript (mine, an extension's, anyone's) can never read its raw bytes. Your Master Key is wrapped under it and stored in IndexedDB. On return visits, the browser hands the wrapped key back to the worker, which unwraps it and you're in: no password prompt, no Argon2id derivation. The server still has never seen the device key, the Master Key, or anything plaintext.

What this changes: convenience on devices you control.

What this does not change: the recovery story is identical. If you forget your password and lose your 12-word phrase, the encrypted entries are unrecoverable — the wrapped key on your device protects the same Master Key the server cannot recover, so losing both still means losing access. Trusting a device is purely a UX shortcut for the unlock step, not a backdoor.

The trusted entry is cleared automatically on sign-out, on Pack-Up & Burn, and on manual lock. You can also clear it manually from Settings → Security → trusted device → forget this device. Browsers from different signed-in accounts cannot unwrap each other's entries: the wrapper checks the userId before it tries.

What I store

  • Account info — your name, email, and a bcrypt-hashed version of your password. I cannot see your actual password.
  • Your captured entries — the raw text you type, the extracted tags (<pointer>, {time}, \pattern), and the folders you organize them into. With zero-knowledge mode on, the raw text is stored as AES-GCM ciphertext and the tags as HMAC-SHA256 hashes — I hold no key to either.

What I use it for

  • Providing the service — your data powers the capture view, folder logs, and pattern counts. All of this is shown only to you.

What I don't do

  • I don't sell your data to anyone. Ever.
  • I don't share your data with third parties, except for the infrastructure providers needed to run the service: Vercel (hosting), Supabase (PostgreSQL), Resend (transactional email for password resets).
  • I don't read your individual entries. Not for product improvement, not for training anything, not for curiosity.
  • I don't use tracking pixels, third-party analytics, advertising cookies, or session replay tools. There is no telemetry.
  • I don't train AI models on your content. Your thoughts are not a dataset.

Your controls

  • Enable zero-knowledge encryption — in Settings → Security. Follow the four-step opt-in above. One-way door; your recovery phrase is the only fallback if you forget your password.
  • Export your data — Settings → Data → vault export downloads a self-contained JSON of every entry, folder, and tag. Pack-Up & Burn downloads the same vault and then permanently wipes the server copy in one move. Both are available on every tier, including Free; data ownership and exit are not pricing-gated.
  • Delete everything — you can delete your account in Settings at any time. This permanently removes all your data from the database.

Infrastructure

Trophic runs on Vercel (hosting) and Supabase (PostgreSQL). Transactional emails are sent via Resend. I do not retain server logs beyond what these providers keep by default for operational purposes.

Contact

If anything here is unclear, or you want your data deleted without using the in-app flow, email me directly at tonymushromie174@gmail.com. I respond personally — there is no support team.