Encrypted Diary · The Key Custody Declaration
We do not have your keys.
So we cannot betray you.
Your passphrase is created on your device. Your encryption key is derived from it on
your device. Your entries are encrypted on your device. None of the three ever reach
us — not in an account, not in a backup, not in a log. We cannot read your diary,
we cannot reset your passphrase, and nobody can compel from us what we do not possess.
What this means in practice
- If you lose your passphrase, your entries are gone. Not "call support" gone — mathematically gone. We ask you to confirm you understand this the first time you seal your diary, and we give you a printable legacy kit so a trusted person can hold a recovery path that you control.
- A subpoena to us yields nothing readable. If our servers ever hold anything of yours (the optional cloud backup tier), it is ciphertext we cannot decrypt.
- A breach of us is not a breach of you. There is no vault of customer diaries to steal, because the diaries never come here.
- Your license key is not your encryption key. The license proves your purchase; it has no mathematical relationship to the passphrase that seals your words.
How it works, verifiably
The diary is a single, self-contained file you can inspect. Encryption is AES-256-GCM;
your key is derived from your passphrase with PBKDF2 (310,000 iterations) and a random salt,
entirely inside your browser or device. The file works with the network cable unplugged —
the honest proof that nothing is being sent anywhere. We invite technical review of every line.
Declaration of Key Non-Custody
I am the operator of Sagentica, the maker of Encrypted Diary. I declare the following
about every edition of Encrypted Diary we offer for sale:
- The software derives encryption keys from the user's passphrase locally, on the user's own device.
- Sagentica does not receive, store, transmit, or retain user passphrases, derived encryption keys, or decrypted diary content, and operates no mechanism capable of doing so.
- Sagentica possesses no master key, recovery key, backdoor, or other means of decrypting a user's entries.
- Where a user elects optional off-device backup, Sagentica receives only data already encrypted on the user's device, and cannot decrypt it.
- If any future change to the product would alter statements 1–4, we will amend this declaration conspicuously before that change takes effect.
I declare under penalty of perjury under the laws of the United States of America that
the foregoing is true and correct.
Executed on: [DATE]
Signature: ____________________________
[FULL LEGAL NAME], Operator, Sagentica
Questions about this declaration: contact us ·
Full details: Privacy Policy