Your Notes, Truly Private
End-to-end encrypted notepad with zero-knowledge architecture
Features • Tech Stack • Architecture • Getting Started • API • Screenshots
Cryptora is a full-stack encrypted note-taking application implementing zero-knowledge architecture with end-to-end encryption. Built with modern Python backend (FastAPI) and React TypeScript frontend, featuring enterprise-grade security, RESTful API design, and PostgreSQL database management.
- FastAPI Framework: Async REST API with automatic OpenAPI documentation (Swagger/ReDoc)
- Python 3.8+: Type-hinted, object-oriented backend architecture
- PostgreSQL: Relational database with ACID compliance and complex queries
- SQLAlchemy 2.0: Modern ORM with type-safe database operations and relationship mapping
- Alembic: Database migration management and version control
- Uvicorn: High-performance ASGI server for async request handling
- Pydantic: Data validation, serialization, and settings management
- AES-256-GCM Encryption: Industry-standard symmetric encryption for data at rest
- Zero-Knowledge Architecture: Server-side encryption without password storage
- Cryptography Library: Python cryptography package for secure key derivation (PBKDF2)
- Password Verification: Encrypted alias validation without plaintext password storage
- Content Hashing: SHA-256 hashing for data integrity and conflict detection
- CORS Middleware: Configurable cross-origin resource sharing for secure API access
- RESTful API Design: Resource-based endpoints following REST principles
- Service Layer Pattern: Separation of business logic from route handlers
- Repository Pattern: Database abstraction through service classes
- Dependency Injection: FastAPI's built-in DI for database session management
- HTTP Status Codes: Proper use of 200, 201, 204, 401, 404, 409 responses
- Error Handling: Centralized exception handling with HTTPException
- Request/Response Models: Pydantic schemas for API contract validation
- Relational Data Modeling: User, Note, and Folder entities with foreign key relationships
- Cascade Operations: Automatic cleanup with ON DELETE CASCADE
- Soft Deletes: is_active flag for data retention and recovery
- Database Indexing: Optimized queries with composite indexes on frequently accessed columns
- SQLAlchemy Relationships: One-to-many relationships with lazy/eager loading
- Migration Scripts: Alembic migrations for schema versioning and rollback capability
- Connection Pooling: Efficient database connection management
- Folder Organization: Hierarchical note organization with encrypted folder names
- Optimistic Locking: Content hash-based conflict detection for concurrent updates
- Lazy Loading: On-demand decryption to minimize API calls and improve performance
- Timestamp Tracking: created_at, updated_at, last_accessed_at for audit trails
- Batch Operations: Efficient bulk queries for user notes and folders
- Query Optimization: Filtered queries with WHERE clauses and ORDER BY
Authentication & User Management:
- POST /api/v1/register - User registration with encrypted alias
- POST /api/v1/login - Password verification and session management
- GET /api/v1/{alias} - User profile with notes and folders
Folder Management (CRUD):
- POST /api/v1/{alias}/folders - Create encrypted folder
- GET /api/v1/{alias}/folders/{id} - Retrieve and decrypt folder
- PUT /api/v1/{alias}/folders/{id} - Update folder metadata
- DELETE /api/v1/{alias}/folders/{id} - Soft delete with note preservation
Note Management (CRUD):
- POST /api/v1/{alias}/notes - Create encrypted note
- GET /api/v1/{alias}/notes/{id} - Retrieve and decrypt note
- PUT /api/v1/{alias}/notes/{id} - Update with conflict detection
- DELETE /api/v1/{alias}/notes/{id} - Soft delete note
Health & Monitoring:
- GET /health - Service health check endpoint
- GET /docs - Interactive Swagger API documentation
- GET /redoc - Alternative ReDoc API documentation
- Environment Configuration: python-dotenv for environment variable management
- Logging: Structured logging with Python logging module
- Type Safety: Full type hints with Mapped columns and Pydantic models
- Code Organization: Modular structure (models, schemas, services, routers)
- Database Sessions: Context manager pattern for automatic session cleanup
- API Versioning: /api/v1 prefix for future compatibility
- Documentation: Auto-generated OpenAPI 3.0 specification
- Async/Await: Non-blocking I/O operations with FastAPI async endpoints
- Database Query Optimization: Selective column loading and filtered queries
- Lazy Decryption: Client-side decryption only when data is accessed
- Connection Pooling: Reusable database connections
- Indexed Queries: Fast lookups on alias, user_id, folder_id columns
- Requirements Management: pip requirements.txt with pinned versions
- Database Initialization: Automatic table creation on startup
- Error Recovery: Graceful degradation with try-catch error handling
- CORS Configuration: Production-ready cross-origin settings
- Health Checks: Monitoring endpoint for uptime verification
- Python Backend Development
- FastAPI Framework
- RESTful API Design
- PostgreSQL Database Management
- SQLAlchemy ORM
- Database Migrations (Alembic)
- Cryptography & Security
- Async Programming
- API Documentation
- Service-Oriented Architecture
- Dependency Injection
- Error Handling & Logging
- Environment Configuration
- Type Safety & Validation
Cryptora is a privacy-first encrypted notepad where your notes are protected with bank-level security. Unlike other note apps, your password never leaves your device—all encryption happens in your browser before anything touches our servers.
🛡️ Zero-Knowledge: We literally cannot read your notes, even if we wanted to.
 Zero-Knowledge Your encryption key never touches our servers |
 Bank-Level Security AES-256-GCM encryption standard |
 Private by Default No tracking, no analytics, no data collection |
 Instant Access No sign-up required, just alias & password |
 Auto-Save Changes saved automatically as you type |
 One-Click Copy Copy your notes instantly to clipboard |
| Technology | Purpose | Why? |
|---|---|---|
 |
Core Language | Robust, readable, extensive crypto libraries |
 |
API Framework | Async, fast, auto-documentation |
 |
Database | ACID compliance, secure data storage |
 |
ORM | Type-safe database operations |
 |
Migrations | Version-controlled schema changes |
 |
ASGI Server | Lightning-fast async server |
| Technology | Purpose | Why? |
|---|---|---|
 |
UI Framework | Component-based, reactive UI |
 |
Language | Type safety, better DX |
 |
Build Tool | Instant HMR, fast builds |
 |
Styling | Utility-first, rapid UI development |
 |
Animations | Smooth, professional animations |
 |
Components | Beautiful, accessible components |
┌─────────────────────────────────────────────────────────────────┐
│ CLIENT BROWSER │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ React + TypeScript + Tailwind + Framer Motion │ │
│ │ ┌─────────────┐ ┌─────────────┐ ┌────────────┐ │ │
│ │ │ Editor │ │ Encryption │ │ Notes │ │ │
│ │ │ Component │───▶│ (AES-256) │───▶│ List │ │ │
│ │ └─────────────┘ └─────────────┘ └────────────┘ │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │ │
│ Encrypted Data Only │
│ ▼ │
└──────────────────────────────┼──────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────┐
│ BACKEND SERVER │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ FastAPI + Python + SQLAlchemy │ │
│ │ ┌─────────────┐ ┌─────────────┐ ┌────────────┐ │ │
│ │ │ REST │ │ Business │ │ ORM │ │ │
│ │ │ API │───▶│ Logic │───▶│ Layer │ │ │
│ │ └─────────────┘ └─────────────┘ └────────────┘ │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ PostgreSQL Database │ │
│ │ Stores only encrypted blobs - Zero Knowledge │ │
│ └─────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
- Python 3.8+
- Node.js 18+
- PostgreSQL 12+
# Clone the repository
git clone https://github.com/divinixx/Cryptora.git
cd Cryptoracd backend
# Create virtual environment
python -m venv venv
venv\Scripts\activate # Windows
# source venv/bin/activate # macOS/Linux
# Install dependencies
pip install -r requirements.txt
# Configure environment
cp .env.example .env
# Edit .env with your PostgreSQL credentials
# Run migrations
alembic upgrade head
# Start server
uvicorn app.main:app --reload --port 8000cd frontend
# Install dependencies
npm install
# Start development server
npm run dev| Service | URL |
|---|---|
| 🌐 Frontend | http://localhost:5173 |
| 🔌 Backend API | http://localhost:8000 |
| 📚 API Docs (Swagger) | http://localhost:8000/docs |
| 📖 API Docs (ReDoc) | http://localhost:8000/redoc |
| Method | Endpoint | Description |
|---|---|---|
GET |
/health |
Health check |
POST |
/api/v1/auth/register |
Create new user |
POST |
/api/v1/auth/login |
Authenticate user |
GET |
/api/v1/{alias}/notes |
Get all notes |
POST |
/api/v1/{alias}/notes |
Create new note |
GET |
/api/v1/{alias}/notes/{id} |
Get specific note |
PUT |
/api/v1/{alias}/notes/{id} |
Update note |
DELETE |
/api/v1/{alias}/notes/{id} |
Delete note |
# Create encrypted note
curl -X POST http://localhost:8000/api/v1/myalias/notes \
-H "Content-Type: application/json" \
-H "X-Password: your-master-password" \
-d '{
"title": "My Secret Note",
"content": "This gets encrypted before storage"
}'Cryptora/
├── 📂 backend/
│ ├── 📂 app/
│ │ ├── 📂 models/ # SQLAlchemy models
│ │ ├── 📂 schemas/ # Pydantic schemas
│ │ ├── 📂 routers/ # API endpoints
│ │ ├── 📂 services/ # Business logic
│ │ ├── 📄 config.py # Configuration
│ │ ├── 📄 database.py # DB connection
│ │ └── 📄 main.py # FastAPI app
│ ├── 📂 alembic/ # Migrations
│ ├── 📄 requirements.txt
│ └── 📄 run.py
│
├── 📂 frontend/
│ ├── 📂 src/
│ │ ├── 📂 components/ # React components
│ │ │ ├── 📂 ui/ # ShadCN components
│ │ │ └── 📂 notes/ # Note components
│ │ ├── 📂 pages/ # Page components
│ │ ├── 📂 context/ # React context
│ │ ├── 📂 lib/ # Utilities
│ │ ├── 📄 App.tsx
│ │ └── 📄 main.tsx
│ ├── 📄 package.json
│ └── 📄 vite.config.ts
│
└── 📄 README.md
┌────────────────────────────────────────────────────┐
│ YOUR BROWSER │
│ │
│ Password ──▶ Derive Key ──▶ Encrypt ──▶ Send │
│ 🔑 🔐 🔒 📤 │
│ │
│ ✅ Password stays here │
│ ✅ Key derived locally │
│ ✅ Only encrypted data leaves │
└────────────────────────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────┐
│ OUR SERVER │
│ │
│ ❌ Never sees password │
│ ❌ Cannot decrypt content │
│ ✅ Stores encrypted blobs only │
└────────────────────────────────────────────────────┘
Landing Page
Dashboard - Your Encrypted Notepad
Contributions are what make the open-source community amazing! Any contributions you make are greatly appreciated.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.
Built with ❤️ for everyone who values privacy
Your thoughts deserve to stay yours.
