World Building

The
Story Vault.
Organize your universe.

Build and organize your universe with our hierarchical drag and drop folder system. Protect your character sheets and reference images in the E2EE Drive Vault.

Try Pro — 14 days freeStart free forever

Every author's nightmare is losing the perfect version. Our Automatic Version History lets you view differences (diff). And when your bestseller is ready? Export to PDF, DOCX or Markdown.

Technical Architecture

Know how it works? Like this.

01
// your browser only
const text = "Your words..."

You Type

Content exists only in your browser's memory. Readable text never touches the network. Never. No HTTP request, no WebSocket, no logs — nothing leaves without being encrypted first.

Local memory · Read only
02
// AES-256-GCM
enc:4f9a2b...c7e81d
Argon2id(64MB, 3i, p2)

We Encrypt

AES-256-GCM encrypts every character with a key derived from your password via Argon2id (64MB memory, 3 iterations, parallelism 2). The key never leaves your device.

AES-256-GCM · Client-side
03
7a 4f c2 91 e8 3b 0d f5
a1 6c 88 d4 2e 79 b3 5a
f0 1d c7 63 9e 4b a2 8f
// meaningless noise

We Store

Only the encrypted blob reaches our servers. Without your master password, this data is nothing but meaningless noise. Not us, not hackers, not governments can read it.

Cryptographic noise · Unreadable
Zero-knowledge · Not even Writtt can access your data
Technical Questions

What skeptics ask.

If it's truly zero-knowledge, what happens if I forget my password?+
If you forget your password AND your recovery key, the data is unrecoverable. That's not a bug — it's proof it works. If not even we can recover it, it means not even we can access it. We recommend configuring the Recovery Key on first access.
How do you offer integrated AI without compromising privacy?+
Content is sent to the AI model directly from your browser to the provider (OpenAI, Anthropic, Google) via client-side calls. Writtt never sees readable text in transit. The AI processes and responds directly to your browser.
Is AES-256 really secure? Can't it be broken in the future?+
AES-256 requires 2^256 operations for a brute-force attack — more than the estimated number of atoms in the observable universe. Even viable quantum computers would need Grover's algorithm, reducing it to 2^128 — still astronomically secure.
Can you be legally forced to hand over data?+
We can be legally compelled to hand over what we have: encrypted blobs. Without your password, that data is cryptographic noise. We don't possess your encryption key, we don't store it, we don't transmit it. Handing over noise compromises nothing.
What stops a malicious employee from accessing my data?+
The architecture. There is no internal button, no secret admin panel, no backdoor that gives access to content. All sensitive data in the database ends in '_enc' — columns of encrypted blobs. Without the key derived from your password, they're meaningless bytes.

Your words safe in an unbreakable vault.

Join writers who trust the math, not promises. Real end-to-end encryption, premium editor, integrated AI — without compromising privacy.

Start Writing Free
No credit card required14-day PRO trial free
You only subscribe if the tool is useful to you