Site: BitNote.xyz
Github: https://github.com/RockwellShah/bitnote
Description:
BitNote is built for people who want to store sensitive information without trusting big tech, subscriptions, or centralized servers. It’s like a fireproof vault that lives on the blockchain — without the hardware or the hassle. It’s great for passwords, private keys, seedphrases, or other sensitive text data.
-
Strong Security
“Military Grade” encryption to keep your secrets safe. -
No Recurring Fees
Pay once, no subscriptions. -
Zero Knowledge & E2E Encrypted
Only you can see your data. -
Decentralized
No one can delete or block your access. -
Truly Private
No tracking, no personal data collection. -
Transparent Source Code
Audit everything, trust nothing. -
Built to Last
No bloat, no frameworks, engineered for longevity. -
Access Anywhere
No sync, no setup. -
Succession (In Development)
Pass down your data automatically if something happens to you.
How It Works
-
Create Secure Notes: Write your notes in the BitNote app. Your data is encrypted locally before being stored on the blockchain.
-
Access Anywhere: Retrieve your encrypted notes from any device with a browser. Decryption happens locally, ensuring privacy.
-
Sharing & Succession: Securely share notes with other BitNote users or set up succession rules to pass on your secrets under specific conditions.
Sign Up
After tapping sign up, you’ll be asked to create a unique username. Then you’ll be presented with options on how you’d like to secure your account (either master password or security key). You’ll also be asked to fund your account to register your username and create notes on the blockchain. You can pay using crypto, credit, debit, or Apple Pay. You DO NOT need crypto to use BitNote. Once signed up, to access your encrypted notes just sign into BitNote with your credentials.
Pricing
BitNote is a “pay as you go” system. No subscriptions or recurring fees. You pay only to create/edit/delete notes, and viewing notes is free.
Setup typically costs under $1. Creating notes costs about ~$0.005 each — making it affordable even for thousands of notes.
Use Cases
- Passwords
- Recovery codes
- Private keys
- Crypto seed phrases
- Personal notes, ideas, and secrets meant to last
- Deadbox or dead man’s switch - storing information that you want passed down in case something happens to you.
- Digital treasure hunt - leave clues that lead people to the username and password that decrypts a BitNote account and reveals a prize.
- Private Journal - use BitNote as a diary that you can optionally pass down to future generations.
- Digital time capsule - create messages or store information intended to be accessed or opened far into the future.
Features
| Feature | Description | Status |
|---|---|---|
| Sharing | Share your notes safely and easily with other BitNote users. |  Available |
| Local Client | Run a copy of BitNote locally so you don’t have to rely on the website. | Available |
| Cold Wallet Generator | Easily create and store “cold” crypto wallets for long-term digital asset storage. | Available |
| Import & Export | Import and export your notes freely — your data is never locked in. | Available |
| Keyboard Shortcuts | Quickly search, create, and save notes using keyboard shortcuts. | Available |
| Mobile App | Use BitNote as a mobile app via your browser’s “Add to Homescreen” function. | Available |
| Password & Passphrase Generator | Quickly create secure passwords and passphrases | Available |
| Referral System | Earn 30% of protocol fees your referrals generate — automatically, forever. | Available |
| Security Key Support | Supports secure login via hardware keys (e.g., YubiKeys). | Available |
| Secure Search | Quickly search across your notes securely. | Available |
| Offline Mode | Use BitNote even while you’re fully offline. | Available |
| Secure Updater | BitNote website updates are default opt-in, protecting you from supply chain attacks. | Available |
| Code Alert | Automatic notification of code tampering, protecting you from supply chain attacks. | Available |
| Backup Keys | Add unlimited backup hardware security keys to access your account | Available |
| Fiat Onramp | Pay with Credit/Debit/Apple Pay | Available |
| Decentralized App | The entire app will be hosted on-chain for full decentralization. |  Partially Complete |
| Succession | Pass down your data automatically if something happens to you | Upcoming |
Screenshots
Technical Overview
BitNote runs entirely in your browser on a client/blockchain model. Your notes are encrypted locally using AES-256 through the web crypto API and stored on-chain. Only you (and those you explicitly authorize) can decrypt it. No centralized servers. It’s just you, your browser, and the blockchain.
For additional security, BitNote can be locally installed as a progressive web app on both desktop and mobile, can run offline, and requires explicit user opt-in for updates.
- Frontend: Pure HTML/CSS/JS — no frameworks, under 1MB
- Backend: Smart contracts written in Solidity hosted on the Avalanche blockchain (C-Chain)
- Encryption: AES-256 using the WebCrypto API, with a browser-based zero-knowledge architecture that supports full offline mode
- Loading: The core portions of the app load directly from the blockchain itself for stronger levels of decentralization and security
Forever Machine
One of the eventual goals of BitNote is to create a “Forever Machine” - an app that can live directly on the blockchain and do its job without fear of ever disappearing. Ultimately, BitNote is a protocol, not a company. The system is designed to minimize points of failure and to last for many years.
How the Encryption Works
BitNote is end-to-end encrypted and zero knowledge. All encryption happens locally on your machine, and no one can see your data besides you.
After a user selects a username and master password, an account is generated with a secp256k1 key pair, EVM public address, and an ECDH p-521 key pair which is used for encrypting notes.
The master password is used to derive a key with pbkdf2-sha512 set to 1 million iterations, which is then used to encrypt the two private keys with AES-GCM using the outputted 256-bit key.
With the user’s public address as the index, the two private keys are encrypted on the blockchain, as well as the ECDH public key.
The username is hashed with keccak256 and the resulting hash is used as an index that points to the public address.
When the user logs into BitNote, the keys are retrieved, decrypted client side, and the ECDH key pair are utilized to decrypt the notes.
For additional security, all the client side computation is handled within a web worker.
For added protection, all cryptographic operations are run inside a web worker, isolating them from the main thread.
Advanced Protection
BitNote has a number of advanced features that help protect you, including:
- Opt-In Updates: BitNote updates are explicitly opt-in, meaning that you have to accept them before they happen. This gives you the opportunity to check to make sure the update is safe before applying it.
- Code Alert: BitNote has a built in system to alert you if the version you have cached locally does not match what is being served to you through the web. This helps protect you against “supply chain attacks.” If you ever see this alert come up on your app, please send a message through email/X/telegram and check BitNote’s social channels to see if there is a legitimate reason for this before continuing to use the app.
- Cost to Crack: If you choose to secure your account with a master password, we estimate your password strength with a “cost to crack” calculation that estimates how much an attacker would have to spend in compute resources to brute force your password.
Is BitNote Audited?
Yes. BitNote has been audited by Cure53, a very reputable cybersecurity firm.
What Happens if BitNote Disappears?
Your data is stored on the blockchain, not on BitNote. The BitNote app allows you to easily access your data on the blockchain, but there are multiple ways to do that if the BitNote website disappears, including:
- Using the locally installable version of BitNote
- Using the built in secure export feature to access your raw data
- Communicating directly with the smart contracts to pull your data
- Accessing your data directly from a blockchain explorer
- Using an alternative front end
Because BitNote’s code is openly available, if it ever goes down it can be re-created fairly easily.
For more FAQs, see the BitNote website.
License
BitNote is licensed under BSL 1.1. It will automatically trigger an open source transition to GPL v3.0 on May 1, 2028.
Read the full license
Visit BitNote