Security

How Consent Loop protects your most personal thoughts with industry-leading security.

Our Security Philosophy

Consent Loop is built on the principle that your thoughts belong to you. We've designed our system so that even we cannot read your journal entries. This isn't just a policy - it's enforced by cryptography.

Zero-Knowledge Architecture

We use end-to-end encryption, which means your entries are encrypted on your device before they reach our servers. We never have access to your plaintext content or encryption keys.

Encryption Details

We use industry-standard cryptographic algorithms to protect your data:

Key Derivation

Algorithm: PBKDF2 with SHA-256
Iterations: 100,000 minimum
Salt: Unique per user, cryptographically random

Your vault password is never sent to our servers. Instead, we derive an encryption key from it using PBKDF2 with 100,000 iterations, making brute-force attacks computationally expensive.

Entry Encryption

Algorithm: AES-256-GCM
Key Derivation: HKDF (per-entry unique keys)
IV/Nonce: Unique per encryption, cryptographically random

Each journal entry is encrypted with a unique key derived from your master key using HKDF. This means even if one entry's key were somehow compromised, other entries would remain secure.

Master Key Protection

Your master key is wrapped (encrypted) using AES-KW before being stored:

  • The master key is generated using the Web Crypto API
  • It's wrapped with a key derived from your vault password
  • Only the wrapped (encrypted) master key is stored on our servers
  • The plaintext master key only exists in memory while your vault is unlocked

Data Flow

Here's what happens when you write and save a journal entry:

  1. You write your entry in the journal editor
  2. Your browser derives an entry-specific key using HKDF
  3. The entry is encrypted with AES-256-GCM on your device
  4. Only encrypted data is sent to our servers over HTTPS
  5. Our servers store the encrypted blob (unreadable to us)

When you read an entry, the process is reversed - encrypted data is fetched and decrypted locally on your device.

Infrastructure Security

Beyond encryption, we employ multiple layers of infrastructure security:

Network Security

  • All connections use TLS 1.3 with strong cipher suites
  • HTTP Strict Transport Security (HSTS) enforced
  • Certificate pinning for mobile applications
  • DDoS protection and rate limiting

Application Security

  • Content Security Policy (CSP) headers
  • Cross-Site Request Forgery (CSRF) protection
  • Input validation and sanitization
  • Regular dependency security updates

Operational Security

  • Principle of least privilege for all access
  • Multi-factor authentication for all admin access
  • Comprehensive audit logging
  • Regular security training for team members

Session Security

When you share entries with a connection, we use time-limited sessions:

  • Sessions automatically expire after 30 minutes
  • You can revoke access at any time
  • Session data is automatically cleaned up after expiration
  • Each session generates a unique, one-time access token

AI Processing

When you use AI features (like generating summaries or insights):

  • Processing happens in real-time; your content is not stored by AI providers
  • We use Firebase Generative AI (Gemini) with data processing agreements
  • AI results are encrypted before storage (if stored at all)
  • You can use the service without any AI features

AI Privacy

AI-generated summaries and insights are processed transiently. Your raw journal content is never used to train AI models or stored by AI service providers.

What We Cannot Do

Our security architecture means there are things we simply cannot do, by design:

  • We cannot read your encrypted journal entries
  • We cannot recover your vault password if you forget it
  • We cannot decrypt your data for third parties (including law enforcement)
  • We cannot modify your encrypted entries without detection

Set Up Recovery

Because we cannot recover your vault password, please set up recovery options (recovery key or security questions) when you create your vault.

Security Audits

We maintain security through ongoing assessment:

  • Regular third-party penetration testing
  • Automated vulnerability scanning
  • Code review for all security-sensitive changes
  • Bug bounty program for responsible disclosure

Reporting Security Issues

If you discover a security vulnerability, please report it responsibly:

  • Email: security@consentloop.com
  • Please include detailed steps to reproduce the issue
  • We will acknowledge receipt within 48 hours
  • We ask that you give us reasonable time to address issues before public disclosure

We appreciate the security research community and will recognize reporters who follow responsible disclosure practices.

Your Security Responsibilities

While we protect your data with strong encryption, security is a shared responsibility:

  • Use a strong vault password: At least 12 characters, unique to Consent Loop
  • Enable recovery options: Set up a recovery key or security questions
  • Secure your devices: Use device passwords/biometrics and keep software updated
  • Be cautious with sharing: Only share entries with connections you trust
  • Lock your vault: Manually lock when stepping away from your device