Secure by Design

Security has been the primary driving factor for the design of Mimiri Notes from the beginning. Below is a
series of highlights describing the security employed by Mimiri Notes as concisely as possible.
If you are interested in a more in-depth exploration of the security design of Mimiri Notes, one of our founders
has written an in-depth blog post on the topic on his personal blog.

Why This Matters to You

Your notes contain sensitive information - passwords, personal thoughts, work details, family information. Mimiri Notes is designed so that:
  • Only you can read your data - even if someone steals your device or hacks our servers
  • Your information stays private even from us - we cannot read your notes, even if we wanted to
  • Protection from hackers and governments - your data is protected by strong encryption that’s effectively unbreakable
  • You don’t have to trust us - the code is open source, so anyone can inspect it. No need to trust audits from “Trust Me Bro Inc.”

Encryption

  • All data is encrypted before it leaves your device using end-to-end encryption
  • All data is encrypted before it is written to persistent storage on your device
  • The encryption algorithm used is AES-GCM-256
  • IVs (also sometimes referred to as nonces) are randomly generated and never reused
  • All random data used is cryptographically strong random data
  • Your primary AES key is derived directly from your password using PBKDF2-SHA512¹
  • All communication between client and server is performed over HTTPS
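
The encryption properties listed above, sketched in Node.js as an added example (this is not Mimiri Notes source code). The 16-byte random salts, the 96-bit IV length and all function names are assumptions; the algorithms and the iteration count are the ones this page states.

```javascript
// Added example, not Mimiri Notes source. Salt sizes and names are assumptions.
const crypto = require('node:crypto');

const ITERATIONS = 1_000_000; // PBKDF2 iteration count stated in footnote 1

// PBKDF2-SHA512 to a 256-bit value. A distinct salt per user and per purpose
// keeps the AES key independent of the secret that is shared with the server.
function deriveSecret(password, salt) {
  return crypto.pbkdf2Sync(password, salt, ITERATIONS, 32, 'sha512');
}

// AES-256-GCM with a fresh random 96-bit IV on every call, so no IV repeats.
function encryptNote(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, ciphertext, tag: cipher.getAuthTag() };
}

// final() throws when the key is wrong or ciphertext, IV or tag was modified.
function decryptNote(key, { iv, ciphertext, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
}

function fails(fn) {
  try { fn(); return false; } catch { return true; }
}

// Constructed sample: one user, two purposes, two independent random salts.
function demo() {
  const password = 'correct horse battery staple'; // constructed sample value
  const aesKey = deriveSecret(password, crypto.randomBytes(16));       // stays on device
  const serverSecret = deriveSecret(password, crypto.randomBytes(16)); // sent to server
  const first = encryptNote(aesKey, 'constructed note body');
  const second = encryptNote(aesKey, 'constructed note body');
  const forged = { ...first, ciphertext: Buffer.from(first.ciphertext) };
  forged.ciphertext[0] ^= 1; // flip one bit of the stored ciphertext
  return {
    roundTrip: decryptNote(aesKey, first),
    ivsDiffer: !first.iv.equals(second.iv),
    tamperRejected: fails(() => decryptNote(aesKey, forged)),
    serverSecretRejected: fails(() => decryptNote(serverSecret, first)),
  };
}

const RESULT = demo();
console.log(RESULT);
```

The last two fields show why the per-purpose salt matters: the value held by the server is not a usable decryption key, and a modified ciphertext is rejected rather than decrypted to garbage.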

Authentication

  • Your password never leaves your device
  • On account creation, a secret is derived from your password using PBKDF2-SHA512¹. This secret, rather than your password, is shared with the server
  • On account creation, a public key (4096 bit RSA) is shared with the server
  • Login is performed using a challenge-response model, where the user proves knowledge of the password without sharing the password with the server
  • All subsequent requests to the server are signed and verified using the public key previously shared with the server
  • The server does not maintain a session and only processes correctly signed requests
  • All requests are tagged with a timestamp and an ID to prevent replay attacks

Local Security

  • The application is invisible by default to screen sharing tools to prevent accidental sharing (Windows/macOS²)
  • Passwords in text notes can be obfuscated to prevent exposure when visible on your monitor
  • When the application is minimized/suspended for more than one minute, lightweight authentication is required to restore access (configurable)

Open Source

  • Mimiri Notes is fully Open Source and released under GPL v2.0 (both client and server)
  • We see no way that real security can exist if the inner workings of the product are obscured
  • Open Source forces us to remain true to the mission
  • Open Source makes it impossible to hide back doors in the code
  • Open Source allows the community to discover vulnerabilities and for those vulnerabilities to be addressed earlier than any closed source product ever could
  • You are free and able to self-host Mimiri Notes if you do not trust us to keep your data safe
  • You are free and able to build Mimiri Notes from source if you do not trust us to build your binaries
  • You are free and able to fork Mimiri Notes should you find that we are not delivering on our promises

¹ All uses of PBKDF2-SHA512 use 1,000,000 iterations and are uniquely salted for each user and for each purpose
² Sadly we have not been able to replicate this feature on Linux as neither Wayland nor X11 offer the needed capability