Roadmap · out in the open

Where Noctcom is headed

What already works, what we're finishing up and what comes next. No promised dates that later go unmet: the core —encryption, accounts, files, sharing— is already standing and solid, and everything else builds on top of it. All the progress lives in the open, so the most reliable version of this list is always the code itself.

Already working

14

Cryptographic core

Argon2id, XChaCha20-Poly1305, Ed25519, X25519 and BLAKE2b, with the same implementation in the browser and on the server.

Accounts and access

Sign-up with a mnemonic phrase (BIP39), login via Ed25519 challenge-response and two-step verification: passkeys (fingerprint or face) and email code.

Your files, encrypted

Upload and download in 4 MiB chunks, a key per file, trash and versions. The server only ever sees ciphertext.

File preview

View images, video, audio, text and PDF decrypted in memory, without having to download them.

End-to-end sharing

You share with someone else using sealed boxes (X25519): not even we can open what's passed around.

Multiple devices

You register and revoke devices, and your keys sync from your password without passing through the server in the clear.

Instant changes

What you touch in one place shows up everywhere else right away, across devices and across tabs.

Account recovery

With your 12-word phrase you recover access and also your files, re-encrypted with your new password.

Notifications

Alerts when someone shares something with you, even if you have the app closed. The alert never reveals the content.

Your own disks

Beyond the cloud, you can use physical disks (USB/SATA) as storage and choose where each thing lives.

Operations and reliability

Automatic TLS, rate limits, error monitoring, verified backups, health checks and a guide to host it yourself.

Legal notice and privacy

Terms, privacy policy (GDPR) and cookie policy, with no third-party trackers.

Light and dark theme

Choose the look you like best, with accessibility improvements.

Spanish and English

The whole website and app in two languages, with their own per-language URLs. Switch between Spanish and English whenever you want.

In progress

1

Storage plans

Start free with 1 GB. Monthly plans to add more space are nearly ready; self-hosting is always free.

Later on

4

Independent audit

A security review and a pentest by outside people, once we can afford it.

Evidence mode and chain of custody

Prove that a file is intact and what date it's from, with timestamping, without anyone seeing its content. Designed for journalism, whistleblowing and the legal field.

Installable mobile app

Install Noctcom on your phone or tablet (Android and iOS) to upload and access your encrypted files.

Desktop app

A single application that brings together your vault and the management of your disks, without depending on the browser.

Missing something?

Ideas and bugs are discussed in the open. If you want to propose something or see the fine detail of each phase, drop by the repository.