Seven23 webapp implement end-to-end encryption to protect user’s privacy. Server only store encrypted blob and cannot access any details about encrypted components.
Encrpytion is performed using the js-jose library in JSON Web Encryption (JWE) format with
A128CBC-HS256 algorithm and
A256KW encrpytion key.
Encryption key currently use a md5 value of your password, so losing it means you cannot access your data anymore.
Data are encrypted/decrypted on every server request, but are stored unencrypted on your browser meaning anyone with a physical access to your machine can read those if you are still logged in.