Your private vault.
Encrypted before it leaves your device.
Most clouds promise not to look at your files. Noctcom is built so that it can't, even if we wanted to. Your password and your keys never touch our servers. We only store encrypted data we can't open.
Zero-knowledge by default
Not a setting you turn on: it's the only way it works. Argon2id + XChaCha20-Poly1305.
Not even metadata
Names, sizes and tags are encrypted too. Not just the content.
No email in the clear
We don't even store your email: just a hash. A database dump won't reveal who you are.
Anonymous sharing
X25519 sealed boxes: only the recipient opens the file. Not us, not anyone with server access.
Don't take our word for it: watch it.
The full security walkthrough in 84 seconds: what happens to your password, what travels over the network, and what our own server can (and can't) see.
What does the server actually see?
A step-by-step test of Noctcom's zero-knowledge encryption. No tricks: these are the real algorithms from the open-source code.
Test 1 — the password
password: S3creta·Periodista!
256 MiB · 3 iterations · ~1 s
MK = 7f3a 91c2 e4d8 0b6f a219 c7e3 55d0 8a1c …   // Master Key: derived and used ONLY on your device
POST /api/v1/auth/login/finalize
{
  "challenge": "Zku7…",
  "signature": "MEUCIQDk…"   // Ed25519 signature
}
Neither the password nor the MK appears in the request: a challenge is signed with a key that only exists if you know the password.
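The login in Test 1 worked through end to end, as an added example that is not Noctcom's code. Node's built-in scrypt stands in for Argon2id, and the HMAC seed derivation, the stored public-key verifier and all function names are assumptions.

```javascript
// Added example, not Noctcom's code. scrypt stands in for Argon2id; the seed
// derivation and the public-key verifier are assumptions for illustration.
const nodeCrypto = require('node:crypto');

// PKCS#8 DER prefix that wraps a raw 32-byte Ed25519 seed (RFC 8410).
const ED25519_PKCS8_PREFIX = Buffer.from('302e020100300506032b657004220420', 'hex');

// Client only: password -> Master Key -> Ed25519 signing key.
function deriveSigningKey(password, salt) {
  const masterKey = nodeCrypto.scryptSync(password, salt, 32); // memory-hard KDF
  const seed = nodeCrypto.createHmac('sha256', masterKey).update('auth-signing-key').digest();
  return nodeCrypto.createPrivateKey({
    key: Buffer.concat([ED25519_PKCS8_PREFIX, seed]), format: 'der', type: 'pkcs8',
  });
}

// Sent once at sign-up: only the public half is stored server-side.
function registrationVerifier(password, salt) {
  return nodeCrypto.createPublicKey(deriveSigningKey(password, salt))
    .export({ format: 'der', type: 'spki' });
}

// Body of the finalize request: challenge and signature, nothing else.
function loginFinalizeBody(password, salt, challenge) {
  const signature = nodeCrypto.sign(null, challenge, deriveSigningKey(password, salt));
  return { challenge: challenge.toString('base64'), signature: signature.toString('base64') };
}

// Server: checks the signature over the challenge it issued itself.
function serverAccepts(verifierDer, issuedChallenge, body) {
  const pub = nodeCrypto.createPublicKey({ key: verifierDer, format: 'der', type: 'spki' });
  return nodeCrypto.verify(null, issuedChallenge, pub, Buffer.from(body.signature, 'base64'));
}

function loginDemo() {
  const password = 'S3creta·Periodista!';
  const salt = nodeCrypto.randomBytes(16); // constructed per-account salt
  const verifier = registrationVerifier(password, salt);
  const challenge = nodeCrypto.randomBytes(32);
  const good = loginFinalizeBody(password, salt, challenge);
  const bad = loginFinalizeBody('wrong password', salt, challenge);
  return {
    good: serverAccepts(verifier, challenge, good),
    wrongPassword: serverAccepts(verifier, challenge, bad),
    replayed: serverAccepts(verifier, nodeCrypto.randomBytes(32), good), // old signature, new challenge
  };
}
```

A verifier like this still lets anyone holding the database test password guesses offline at one KDF run per guess, which is what the memory-hard KDF cost is there to slow down.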
Test 2 — the file
— CONFIDENTIAL —
Interview with source A. (May 12)
"The documents show transfers between…
…the intermediary's account and the shell company
registered in…"
9f 3a c1 77 0e b2 5d 84 fa 21 6c d9 03 4e b7 58 e1 92 7a cf 44 08 d6 31 ab 5e 90 1f 73 c8 26 ed 4b a7 39 f2 80 15 ce 6a d4 b1 07 9e 52 e8 3c 61 fd 28 95 4a 0d 76 c3 1b 8f e4 57 a2 39 d0 6e 82 fb 14 c9 47 0a 75 b8 23 ef 5c 91 36 da 68 01 ae 53 c7 1d 89 f4 2e 60 bd 49 07 96 e3 5a 2f 78 cb
file_key = random(32)           // unique per file
cipher = XChaCha20-Poly1305     // AEAD, tag 16 B
The AAD binds each block to its position: not even whoever controls the storage can reorder or mix blocks without breaking verification.
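The position binding described above, as an added example that is not Noctcom's code: each chunk is sealed with an AAD built from its file id and index, then read back in order, swapped, and mixed with a chunk from another file. Node's built-in chacha20-poly1305 (12-byte nonce) stands in for XChaCha20-Poly1305, and the AAD layout and function names are assumptions.

```javascript
// Added example, not Noctcom's code. Node's built-in chacha20-poly1305
// (12-byte nonce) stands in for XChaCha20-Poly1305 (24-byte nonce), and the
// AAD layout (file id + chunk index) is an assumption.
const nodeCrypto = require('node:crypto');

// AAD = file id || 32-bit big-endian chunk index. Authenticated, not encrypted.
function chunkAad(fileId, index) {
  const idx = Buffer.alloc(4);
  idx.writeUInt32BE(index);
  return Buffer.concat([Buffer.from(fileId, 'utf8'), idx]);
}

function sealChunk(fileKey, fileId, index, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('chacha20-poly1305', fileKey, nonce, { authTagLength: 16 });
  c.setAAD(chunkAad(fileId, index));
  const data = Buffer.concat([c.update(plaintext), c.final()]);
  return { nonce, data, tag: c.getAuthTag() }; // 16-byte Poly1305 tag
}

// The reader rebuilds the AAD from the position it is reading, never from a
// value supplied by storage, so a chunk only verifies in its original slot.
function openChunk(fileKey, fileId, expectedIndex, chunk) {
  const d = nodeCrypto.createDecipheriv('chacha20-poly1305', fileKey, chunk.nonce, { authTagLength: 16 });
  d.setAAD(chunkAad(fileId, expectedIndex));
  d.setAuthTag(chunk.tag);
  try {
    return Buffer.concat([d.update(chunk.data), d.final()]);
  } catch {
    return null; // tag mismatch: wrong position, wrong file, or modified bytes
  }
}

function decryptFile(fileKey, fileId, stored) {
  const parts = stored.map((chunk, i) => openChunk(fileKey, fileId, i, chunk));
  return parts.includes(null) ? null : Buffer.concat(parts).toString('utf8');
}

// Constructed sample: three chunks of one file, then what storage could try.
function chunkDemo() {
  const fileKey = nodeCrypto.randomBytes(32); // unique per file
  const lines = ['CONFIDENTIAL\n', 'Interview with source A.\n', '(May 12)\n'];
  const stored = lines.map((l, i) => sealChunk(fileKey, 'file-1', i, Buffer.from(l)));
  const swapped = [stored[1], stored[0], stored[2]];
  // Key reused for 'file-2' only to isolate the AAD check from the key check.
  const foreign = [stored[0], sealChunk(fileKey, 'file-2', 1, Buffer.from('x')), stored[2]];
  return { intact: decryptFile(fileKey, 'file-1', stored),
           swapped: decryptFile(fileKey, 'file-1', swapped),
           foreign: decryptFile(fileKey, 'file-1', foreign) };
}
```

An index-only AAD like this one does not detect a missing final chunk; the chunk count has to be authenticated as well.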
Test 3 — the network
POST /api/v1/uploads/init
{
  "nameEncrypted": "mUz4kQ9rT2…",       // even the NAME is encrypted
  "metadataEncrypted": "8wXc3PfA1N…",   // mime, size, tags
  "fileKeyWrapped": "9hTqVb27Lm…",      // the key, wrapped with YOUR key
  "chunks": [ { "index": 0, "nonce": "Rk31…" }, … ]
}
There isn't a single readable field. The server receives sealed envelopes and stores them without being able to open them.
Test 4 — the server itself
noctcom_prod=> SELECT name_encrypted, file_key_wrapped FROM nodes LIMIT 2;
 \x6d533a4b…9f21 | \x39685471…b203
 \x82f1c04d…77ae | \xd4501be9…3c6f
(2 rows — opaque bytes, no possible key)
noctcom_prod=> SELECT email, password FROM users;  -- and the personal data?
ERROR: column "email" does not exist
ERROR: column "password" does not exist
-- only email_hash (BLAKE2b) and an OPAQUE verifier exist
This is all that the Noctcom operator, an attacker who stole the entire database, or anyone with a disclosure order would see: there is no key on the server with which to decrypt anything.
Zero-knowledge isn't a promise.
It's mathematics.
noctcom.com · open source (AGPL-3.0) · audit it yourself
What we don't do.
Noctcom is not an office suite. There's no chat, no video calls, no online document editor. It's deliberate: every feature that gives a server the ability to read your data is a crack in your privacy. We do one thing: store your files so that only you can read them. And we do it better than anyone.
Algorithm versioning ready for post-quantum (Kyber/Dilithium on the roadmap). Your encryption today won't expire tomorrow.
For those for whom privacy isn't optional.
If you handle material that can't leak (an investigation, a source, a case file), you need more than a provider's promise to "not look". You need it to be unable to.
Investigative journalism
Keep sensitive material encrypted on your device before it ever leaves it. Not even we can open it.
Sources and whistleblowing
Share with your newsroom via X25519 sealed boxes: only the recipient opens it, not even with server access.
Professional confidentiality
Lawyers, doctors, journalists: client, patient or source data with encryption the provider can't break.
Control and jurisdiction
AGPL self-host: your data on your own hardware, outside other people's jurisdictions and providers.
On the roadmap — verifiable chain of custody: authorship signing and timestamping to prove to an editor or a judge that a file is intact and from a given date, without anyone else reading it. All built on hashes and signatures; the content never leaves your control.
Honesty first: zero-knowledge encryption protects your files at rest; it doesn't give you network anonymity. To hide who you talk to, combine it with tools like Tor according to your threat model. And like everything in Noctcom, the code is open and auditable.
Your server, your rules.
Noctcom is 100% open source (AGPL-3.0). Deploy it on your own hardware with a single command: Docker on any Linux, or an LXC on Proxmox VE. Same encryption, no third parties. Your cloud, your hardware, real zero-knowledge.
# Linux + Docker
curl -fsSL https://raw.githubusercontent.com/RedderLabs/noctcom/main/install.sh | bash
# Proxmox VE (creates an LXC)
bash <(curl -fsSL https://raw.githubusercontent.com/RedderLabs/noctcom/main/proxmox/noctcom-lxc.sh)
# With a domain: automatic TLS · without one: http://<IP> on your LAN
Why self-host?
Total control
Your data on your infrastructure. No middlemen, no external jurisdictions.
Auditable
Open source AGPL-3.0. Verify every line that protects your files.
Same encryption
Identical cryptographic guarantees as the cloud version. Real zero-knowledge.