Architecture

Sovereignty & Resilience

DRIVUNO is designed for provider resilience. Your files are encrypted before they leave your device — so whichever infrastructure provider stores them, the contents stay unreadable to us and to them. EU/Japan deployment options are part of the architecture.

Baseline mode
Standard operations

What stays true no matter which provider runs

  • Files are encrypted on your device before upload. Providers only receive ciphertext.
  • We hold no keys that can decrypt your files. Not Supabase, not Stripe, not us.
  • Metadata is minimized. Filenames, folder structure, and message subjects are encrypted too.
  • An admin or operator cannot read your content. This is enforced by architecture, not policy.

Operational providers today

  • Supabase: encrypted database rows and encrypted object storage (current primary).
  • Stripe: subscription billing — never sees your file content.
  • Cloudflare: edge delivery, DNS, DDoS protection — only routes ciphertext.
  • Lovable Email: operational emails (verification, billing, alerts) — never your file content.

EU / Japan deployment-ready

  • Region selection at signup: EU, Japan, or Global. Recommended automatically from your locale.
  • EU fallback candidates wired in: OVHcloud, Scaleway, Hetzner, Mollie, Adyen, Plausible.
  • Japan fallback candidates wired in: Sakura, IIJ, GMO, KOMOJU, GMO Payment Gateway.
  • Self-hosted PostgreSQL and S3-compatible (MinIO) supported through the storage adapter.
  • Your encrypted data stays in your declared region unless you explicitly request a migration.

What our fallback-ready architecture means

  • Provider-agnostic interfaces: storage, database, payment, auth, email, analytics, CDN, DNS.
  • Admin can mark any provider as degraded, offline, or disabled in real time.
  • Sovereignty modes — Standard, EU Safety, Japan Safety, Hybrid, Emergency — change routing without re-deploying.
  • Encrypted migration tools move ciphertext between providers. Plaintext is never reconstructed server-side.

Privacy-friendly by default

  • No Google Analytics. No fingerprinting. No cross-site tracking.
  • Self-hosted fonts and assets. No required third-party scripts.
  • Privacy-friendly analytics options (Plausible, Umami, Matomo — self-hosted) when enabled by the operator.

DRIVUNO does not promise unhackability, absolute security, anonymity forever, or government-proof storage. We describe what the architecture is designed to do: encrypt before upload, minimize metadata, and stay provider-agnostic. The mathematics of end-to-end encryption is well understood; our job is to implement it carefully and not weaken it for convenience.

Encrypted on your device · upload in 1 click
Upload