Show HN: A minimalist, encrypted knowledge platform for solo devs and founders
orbivon.comI’ve recently launched Orbivon, a knowledge platform designed for solo developers and founders who want to document and organize their work without distractions. It provides a clean, structured way to create organizations, projects, and documents, along with built-in diagramming support via complex Mermaid.js, all in a fast, minimalist interface.
What makes Orbivon different is its focus on security and simplicity. Your documents are protected with multiple layers of military-grade encryption, not just disk or database-level encryption, so your knowledge always stays private. The platform avoids cluttered menus and unnecessary features, staying distraction-free and streamlined. While many tools try to do everything, Orbivon is built specifically for founders and developers who want to write, organize, and diagram ideas efficiently.
I’m currently building the desktop application and planning a CLI tool to help automate internal product documentation workflows and integrate with MCP.
Hi I'm curious about the encryption system. I found this document https://docs.orbivon.com/getting-started/security#security but wanted to ask where the encryption keys are physically stored and where the decryption happens (server-side vs client side)?
I assume the encryption keys are stored encrypted in your database, but what's the (high level) mechanism for decrypting them? Like is the users' password used at login to temporarily load the encryption key in memory?
Thanks for any insights
Also I like the idea of the encryption but I think the use of LLMs greatly reduces the privacy gained but that's a tradeoff
Hey,
Short answer: Server-side encryption.
Long answer: The main application-level encryption key is stored externally in Doppler. Each project’s encryption key is encrypted using this main key. The main key is loaded as an environment variable when the backend server runs. After a set period (X days), the main key is automatically rotated, and all project keys are re-encrypted with the new main key and updated in Doppler.
Project keys are assigned to specific user accounts, so only the assigned users can decrypt them. The application does not use end-to-end encryption because future planned features require server-side encryption and decryption rather than client-side.
Yes, using LLMs can reduce privacy. To address this, we only send the necessary metadata and selected content to the models. In Ask mode, content is only sent if the user explicitly selects it. Edit mode works the same way: only the specifically selected text or code is passed to the model.
Hope this helps :)
I forgot to mention, it's like a cursor for docs. There are both AI Ask and Edit modes, and beta users also have Agentic mode.
I like to try out new notes/PKM/second brain apps but with AI tokens and limitations, I take a closer look at the pricing pages now before diving in.
I noticed your single user price is $20/month and add-on AI credits are available. This pricing seems higher than what I get from proven AI providers - how are you convincing users to consider this?
I also noted the use of "AI Copilot" in your marketing. Given the huge branding push by a multinational with a very similarly named AI, have you considered using different phrasing?
Good luck. The pricing doesn't make me want to explore the app, even for a free no CC demo because if I like it ... what am I signing up for? The AI credit pack add-ons seem expensive and I have no idea what I'd even be getting.
Hey, I really appreciate your feedback. This is our first product. We will consider your requests and consider lowering the price and other things you suggested.
Good luck. To be clear, I don't have an issue with the price itself and pay $20/month for a few different services that do one thing well... but I don't want to get into a situation where it's $20/month + an unknown amount of credits to use the app I keep my notes and thoughts in.