Encryption

Here's how your data actually stays private — not just in theory, but in practice.

The Short Version

Clairvoyant is a local-first app. Your tasks, notes, and calendar data live on your device. The app works fully offline with no server dependency.

When you enable sync, your data gets backed up to the cloud so you can access it on other devices. But here's the thing: your data is encrypted on your device before it ever leaves. The server stores encrypted data it literally cannot read.

Your Device                         Cloud
+-----------------+                 +------------------+
| Your tasks      |  encrypted -->  | Encrypted blobs  |
| (readable)      |  <-- sync ---   | (unreadable)     |
+-----------------+                 +------------------+
     ^                                     ^
     |                                     |
  You can read                     Nobody can read
  your data here                   your data here

What "Zero-Knowledge" Actually Means

You've probably seen other apps claim to be "encrypted." But there's a crucial difference between encryption where the company holds your keys (and could hand them over if pressured) and encryption where nobody but you has the keys.

Clairvoyant uses a zero-knowledge design:

We can't read your data - Even if we wanted to. The math doesn't allow it.
No backdoors - Not for us, not for governments, not for anyone.
Keys never leave your device - Decryption always happens locally.
The server only sees ciphertext - Meaningless without your password.

Many "encrypted" services keep your keys on their servers. If they get hacked, subpoenaed, or their employees go rogue, your data is exposed. With zero-knowledge encryption, that scenario is impossible. We never have your keys in the first place.

How It Works Under the Hood

Your Password is Your Key

When you create an account, your password generates a unique encryption key through a process called key derivation. This key is what encrypts and decrypts all your data.

The key only exists in your device's memory while you're logged in. It's never written to disk in plaintext and never sent to our servers. When you log out, it's gone.

What Happens When You Sync

You create or edit a task on your device
The content (title, description, notes) gets encrypted with your key
The encrypted data travels to the server over HTTPS
The server stores it without being able to read any of it
On another device, you log in with the same password
Your password derives the same key, and everything decrypts locally

It's seamless from your perspective — you just log in and your stuff is there. But behind the scenes, serious cryptography is keeping it all private.

Recovery Key

When you set up your account, you get a 24-word recovery key. This is your safety net, and it's important.

Why you need it:

If you forget your password, this is the only way to get your data back
We can't reset your password or recover your data for you
That's not a limitation — it's a feature of zero-knowledge design. Nobody has a master key, not even us.

What to do with it:

Write it down and keep it somewhere safe (not on your device)
Download the backup file when prompted
Never share it with anyone

What Gets Encrypted

Data	Encrypted	Why
Task titles	Yes	Your task content is private
Task descriptions	Yes	Your task content is private
Notes	Yes	Your notes are private
Due dates, status, priority	No	Structural data for sync — not sensitive content
Email / username	No	Needed for authentication

The structural metadata (dates, completion status, priority levels) stays unencrypted so the sync system can work efficiently. This metadata tells the system nothing about what you're actually working on.

The Technical Details

Detail	Value
Algorithm	AES-256-GCM (authenticated encryption)
Key derivation	PBKDF2 with 100,000 iterations
Key size	256 bits
Used by	Banks, governments, military

AES-256-GCM provides both encryption (nobody can read it) and authentication (nobody can tamper with it). If someone tries to modify the encrypted data, decryption fails rather than returning corrupted content.

Multi-Device Access

Since your encryption key comes from your password, the same password always produces the same key. This means:

Log in on any device with your password, and your data just works
No device-to-device key transfer needed
No QR codes or pairing rituals

Don't Trust Us — Verify

Clairvoyant is open source. You can check the encryption implementation yourself:

The encryption module is in EncryptionService
Key derivation uses the Web Crypto API (browser-native, not custom crypto)
The full source code is available for audit

How We Compare

App	E2E Encrypted	Zero-Knowledge
Todoist	No	No
Notion	No	No
TickTick	No	No
Things 3	Local only	No sync encryption
Google Tasks	No	No
Clairvoyant	Yes	Yes

The Short Version​

What "Zero-Knowledge" Actually Means​

How It Works Under the Hood​

Your Password is Your Key​

What Happens When You Sync​

Recovery Key​

What Gets Encrypted​

The Technical Details​

Multi-Device Access​

Don't Trust Us — Verify​

How We Compare​