ColdNotes is an encrypted notebook with a duress vault — enter your real password and see your real notes. Enter a different password and an entirely separate vault opens. Your real notes remain encrypted and invisible.
Built on AES-256-GCM, Argon2id key derivation, and a 16-word BIP-39 recovery phrase — the same cryptographic standard used by Bitcoin wallets.
If you are ever forced to unlock your notes, you don't have to reveal anything real. ColdNotes has two completely independent, encrypted vaults inside a single file.
Every feature exists because a real threat model demanded it.
A second master key wraps a completely independent decoy vault. Real notes and decoy notes coexist in one file — cryptographically indistinguishable. No way to prove the real vault exists.
Per-write 12-byte random nonce. Argon2id key derivation (64 MiB memory cost). The same cipher protecting classified government communications. Wrong password? The vault returns nothing — not even an error trace.
168 bits of entropy encoded as 16 English words. The same standard used to secure Bitcoin and Ethereum wallets. Forget your password — your seed phrase restores everything.
Every entry is chained to the previous via SHA-256. Any modification to any entry — even a single byte — breaks the chain and triggers an alert. No silent tampering.
Chain head anchored to a remote server. Even if someone deletes entries from the tail, truncation attacks are detected by comparing local chain state against the remote anchor.
The vault file is stored at a mundane system path and its timestamps are cloned from OS files. To a casual observer — or basic forensic scan — it looks like a system log.
Every save rotates the previous vault to a backup file. Up to 5 encrypted backups kept. All readable only with your password — never plaintext, never exposed.
Organise notes by path: Work/credentials/server, Legal/contracts/2024. Arbitrary depth. A folder tree inside a single encrypted file.
No account. No cloud sync. No telemetry. One portable file on your device. Take it anywhere. ColdNotes never phones home — because there is no home to phone.
Every write goes through five layers before touching disk.
Plaintext exists only in memory. It is never written to disk unencrypted. If you crash mid-write, no sensitive data is recoverable from disk.
Your password is run through Argon2id — 3 passes, 64 MiB memory, 4 threads. Brute-force becomes computationally infeasible. A GPU farm cannot crack a strong password.
All notes are encrypted together as one sealed blob. A fresh random 12-byte nonce is generated on every write — no two ciphertexts are alike even for identical content. GCM mode also provides authenticated encryption: any bit flip is detected before decryption.
If you have a duress password configured, a separate master key wraps a completely independent note set. Both vaults are stored in the same file. There is no flag, no metadata, no field that says "a second vault exists."
The vault file's modification and access timestamps are cloned from a system file. The storage path defaults to a location that looks like a system cache. Automated scans typically ignore it entirely.
AES-256-GCM with Argon2id makes offline cracking computationally infeasible. The vault is useless without your password or recovery phrase.
The duress vault provides plausible deniability. You can comply with a demand to unlock your notes without revealing your real data.
GCM authentication detects any byte-level modification. SHA-256 hash chain catches edit or deletion of entries. Both layers must be bypassed — simultaneously.
Five rolling encrypted backups rotate automatically. 16-word BIP-39 recovery phrase provides a cryptographically secure master fallback.
Stealth storage path and timestomping make the vault file blend in with system files. No obvious file extension. No metadata leakage.
No servers, no accounts, no sync infrastructure to compromise. The attack surface is your local device and your memory. Nothing else.
Client notes, case strategy, and privileged communications that must remain beyond reach.
Source protection and investigation notes in environments where device access can be compelled.
Credentials, vulnerability notes, and proof-of-concept details that cannot leak before disclosure.
Anyone who writes things down that are no one else's business. Your thoughts are yours.
One purchase. No subscriptions. No accounts. No servers. Yours forever.
After purchase, you'll receive a download link and license key within 24 hours.
Questions? admin@alethongroup.com
Questions, volume licensing, or custom requirements? Reach us directly.
Contact Us →