Security

How Filarr protects your data: KEK/FEK encryption architecture, local-first with zero-knowledge cloud sync.

KEK / FEK Architecture

Filarr uses a two-level key system. Each file is encrypted with its own File Encryption Key (FEK) using AES-256-GCM. All FEKs are themselves encrypted by a Key Encryption Key (KEK), derived from your password via PBKDF2. If one FEK is compromised, only that file is exposed — not the rest of your data.

Local-first, zero-knowledge

All encryption and decryption happens on your machine. Your keys never leave your device. When cloud sync is enabled, only encrypted blobs are stored on our servers (Cloudflare R2, EU). We cannot read your files — this is true zero-knowledge encryption.

Keys never leave your device
No account required for local use
Zero telemetry, zero tracking
Full control over your data

Threat Model

Since your plaintext data never leaves your machine, Filarr’s threat model is fundamentally different from a typical cloud service. The main threats are physical access to your device or losing your password.

  • Physical access to device: Protected by AES-256-GCM encryption
  • Password loss: Recoverable via recovery phrase only
  • Malware on device: Keys in memory only during use
  • Disk theft: Data unreadable without password
  • Brute-force attack: PBKDF2 with high iterations

What this means in real life

Encryption is only useful if it protects you in the situations that actually happen.

Your laptop gets stolen

Your files are encrypted with AES-256-GCM. Without your vault password, they’re unreadable — even with full disk access. The thief gets an encrypted hard drive, not your documents.

Protected

A cloud provider gets breached

Filarr only stores encrypted blobs on our servers. Your files are encrypted on your device before upload. Even if our storage is compromised, attackers get unreadable ciphertext — not your files.

Protected

A legal request for your data

If Filarr receives a legal request, we can only hand over encrypted blobs. We don’t hold your encryption keys — we genuinely cannot decrypt your files. This isn’t a policy — it’s a technical fact.

Protected

You forget your vault password

This is the real cost of zero-knowledge. Your encryption key is derived from your password — if you lose it, we cannot recover your data. We recommend using a password manager and exporting a recovery key from Settings > Security.

Your responsibility

What if Filarr gets curious?

We can’t. Your files are encrypted with a key derived from your password using PBKDF2-SHA-512 with 600,000 iterations. This key never leaves your device. Our servers only see random-looking bytes.

Protected by design

Your internet goes down mid-session

Filarr is local-first. Everything works offline — notes, files, graph, canvas. Changes sync automatically when you reconnect. No internet required to access your own files.

Works offline

Multi-profile isolation

Each profile in Filarr has its own set of encryption keys. Data in a “Personal” profile is completely isolated from a “Client A” profile. Even if one profile is compromised, the others remain protected.

Filarr profile selection — each profile has its own encryption

What we’re still working on

Cloud sync is live with end-to-end encryption — your files are encrypted on your device before upload. The code is currently in a private repo; an independent security audit is on our roadmap. We document our encryption architecture in detail so you don’t have to trust us blindly. There’s no SOC2 or HIPAA certification yet.