Encryption at a glance
Every piece of data in your pod is encrypted using AES-256-GCM — the same standard used by banks and governments. Your password never leaves your device.
How it works
1
When you create a pod, a random 256-bit family key is generated
2
Your password is run through PBKDF2 (100,000 rounds, SHA-256) with a random 16-byte salt to derive a wrapping key
3
The family key is wrapped (encrypted) with your wrapping key using AES-KW
4
All your family data (Automerge binary) is encrypted with the family key using AES-GCM with a random 12-byte IV
5
The encrypted payload, wrapped keys, and salts are stored in the .beanpod file
Key details
- Algorithm: AES-256-GCM (encryption) + AES-KW (key wrapping)
- Key derivation: PBKDF2 with 100,000 iterations, SHA-256, 16-byte random salt
- IV: 12 bytes, randomly generated for each save
- Implementation: Web Crypto API (native browser cryptography)
🛡️ Client-side only
All encryption happens in your browser using the native Web Crypto API. No keys, passwords, or unencrypted data are ever transmitted to any server.