Encrypted notebooks.
Markdown notes that stay readable in plain text but sealed on disk. Per-notebook phrases, embedded images, no cloud, no shared format with anything else on your machine.
What a notebook is
A notebook is a collection of notes — Markdown text plus optional inline images — sealed under a single phrase. You can have any number of notebooks in a profile, each with its own phrase. Typical use cases: "a journal", "a research log", "a list of accounts I don't want in the vault but want sealed".
Creating one
- Open the Notes panel from the chrome sidebar.
- Click New notebook, give it a name, pick a phrase.
- Add notes. Each note is a Markdown document. Live preview renders alongside the source.
Images
Three ways to add an image to a note:
- Paste a screenshot from the clipboard directly into the editor.
- Drop an image file onto the editor area.
- Click the file picker and choose an image from disk.
Images are stored as base64 inside the encrypted notebook blob — no sidecar files, no separate cache. Accepted formats: PNG, JPEG, GIF, WebP. SVG is blocked on purpose: it can carry script that executes if a renderer ever displays it raw. Maximum 5 MiB per embedded image.
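One way to enforce these image rules from a single check shared by paste, drop and file picker. This is an added example, not the project's own code: it assumes Node.js, assumes the check sniffs magic bytes rather than trusting the reported MIME type, and every function and constant name in it is hypothetical.

```javascript
// Added example; names are hypothetical, not the project's API.
const MAX_IMAGE_BYTES = 5 * 1024 * 1024; // 5 MiB cap stated on the page

function startsWith(bytes, sig) {
  return bytes.length >= sig.length && sig.every((v, i) => bytes[i] === v);
}

function ascii(bytes, from, to) {
  if (bytes.length < to) return "";
  return String.fromCharCode(...bytes.subarray(from, to));
}

// Magic-byte signatures for the four accepted formats. SVG has no entry,
// so it can never match, whatever type the caller claims for it.
const SIGNATURES = [
  { mime: "image/png",
    match: (b) => startsWith(b, [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]) },
  { mime: "image/jpeg", match: (b) => startsWith(b, [0xff, 0xd8, 0xff]) },
  { mime: "image/gif",
    match: (b) => ["GIF87a", "GIF89a"].includes(ascii(b, 0, 6)) },
  { mime: "image/webp",
    match: (b) => ascii(b, 0, 4) === "RIFF" && ascii(b, 8, 12) === "WEBP" },
];

// bytes: Uint8Array of the file content.
// declaredMime: type reported by clipboard / drop / picker; never trusted alone.
// Returns { ok: true, mime, dataUri } or { ok: false, reason }.
function validateImage(bytes, declaredMime) {
  if (bytes.length === 0) return { ok: false, reason: "empty" };
  if (bytes.length > MAX_IMAGE_BYTES) return { ok: false, reason: "too-large" };
  const hit = SIGNATURES.find((s) => s.match(bytes));
  if (!hit) return { ok: false, reason: "not-allowed" }; // SVG ends up here
  if (declaredMime && declaredMime !== hit.mime) {
    return { ok: false, reason: "mime-mismatch" };
  }
  // Base64 form, as the page says images are embedded before sealing.
  const b64 = Buffer.from(bytes).toString("base64");
  return { ok: true, mime: hit.mime, dataUri: `data:${hit.mime};base64,${b64}` };
}

// Constructed samples: a PNG header, and an SVG that a caller labels as PNG.
const pngSample = Uint8Array.from(
  [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d]);
const svgSample = new TextEncoder().encode(
  '<svg xmlns="http://www.w3.org/2000/svg"></svg>');
console.log(validateImage(pngSample, "image/png").mime,
            validateImage(svgSample, "image/png").reason);
```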
Phrases per notebook
Each notebook is sealed under its own Argon2id-derived key. Locking one notebook does not lock the others. You can have a "daily journal" notebook open while your "research log" stays locked.
The same secure-wipe path that protects encrypted profiles applies on notebook lock: materialized scratch files are overwritten with zeros and unlinked, in-memory strings are zeroed.
What's NOT in v0.1
- Sync across machines. Notebooks live in the profile. No cloud, no LAN sync. Copying a profile folder is the only way to move them right now.
- Sharing. No "export this note as a link"; the format is for you, not for others.
- Per-note phrase. The phrase is at notebook granularity — same phrase unlocks all notes in the notebook. If you want stricter compartments, make separate notebooks.
Edge cases we handled
- Encrypted-body kind tagging. Each encrypted blob is tagged with whether it was sealed under the per-note phrase or under a notebook-level key, so the decrypt path can refuse a wrong-path attempt instead of returning corrupted plaintext.
- Image MIME whitelist. Drag-and-drop, paste and file-picker all validate against the same PNG / JPEG / GIF / WebP allow-list. SVG is rejected even when the user picks it.
- Markdown render isolation. The preview uses a sentinel-replace strategy for inline code so an attacker can't smuggle script through embedded tokens.