Security Document · Last reviewed May 2026

Threat Model

This page is intentionally honest. It describes the security boundary of DRIVUNO and what falls outside it. If a guarantee is not listed under "Protects against", we are not making it.

What DRIVUNO is designed to protect against

What DRIVUNO does not fully protect against

Phase 10 hardening — what we are doing about the residual risks

The cryptography neutralizes the server. The biggest remaining risk is the client — the JavaScript your browser executes. We treat this as the most important class of threat for a zero-knowledge product and address it on several fronts.

See the full architecture and rationale in the whitepaper. Report security issues via the vulnerability disclosure policy.

Encrypted on your device · upload in 1 click
Upload