PrivVault — End-to-End Encrypted Photo Storage
A zero-knowledge encrypted photo storage system where the server never sees your photos in plaintext. Encryption and decryption happen entirely in your browser using AES-GCM. Built by Soumik Sarkar.
Security Model
- Client-side AES-GCM encryption — photos encrypted before they leave your device
- Zero-knowledge design — server stores only ciphertext, cannot decrypt your photos
- PBKDF2 passphrase-derived encryption keys
- No passphrase recovery — by design, if you lose the passphrase, the data is gone
- Email magic link authentication — no passwords
- Tokenized album sharing with link revocation
- JSON encrypted data export for offline backup
Features
- Album management — organise photos into named albums
- Drag and drop upload with client-side encryption
- AI Smart Search — TensorFlow.js + MobileNet running entirely in-browser
- Storage quota metering
- Gallery view with decrypt-on-demand
- Presigned upload URLs for secure direct-to-storage uploads