Sync & Storage

NullPad prioritizes data sovereignty. Your notes are yours, and you decide where they go.

Export & Import

Take your data with you in a standard format.

Export: Generates a .npad binary package containing all notes, sections, settings, and environment variables. This format is highly optimized and supports embedded binary assets (like images). We recommend encrypting the file during export for maximum security.
Import: Restore your workspace from a previously exported .npad or legacy .json file.
Note: Importing will overwrite your current active session.

NullPad uses a tiered approach to local persistence to ensure maximum reliability and performance.

Primary (IndexedDB): Our main storage engine. It supports large datasets and binary blobs, enabling Local Encryption (At-Rest).
Fallback (LocalStorage): Used as a fail-safe only if the browser blocks IndexedDB access. Note: Local Encryption is not available in fallback mode due to storage limits.

Our cloud synchronization is built on a Zero-Knowledge Architecture. This means we provide the storage, but we never see the data.

Binary Packing: Your workspace data and assets are packed into a .npad binary envelope to minimize data footprint and eliminate Base64 overhead.
Local Encryption: Data is encrypted in your browser using AES-256-GCM.
Encrypted Blob: Only the encrypted "blob" is sent to our servers.
Key Retention: The keys (your password and optional salt) never leave your device.
Desynchronize: Collaborators can desynchronize a shared document at any time. This removes the cloud link, and the document remains fully accessible in your workspace as a private, editable copy.

Interface Tip

The Sync icon in the global toolbar turns Green when cloud synchronization is active and connected.

To restore your data from another device, you must provide:

Important

There is no mechanism to recover your data if you lose your password or salt. We do not store them, and we cannot reset them for you.

NullPad allows you to share specific cloud documents with other users.

Selective Sharing: Share only the documents you choose.
Discovery Protection (Nickname Basis): Sharing is intentionally restricted to exact nicknames only. We strictly avoid searchable emails or public user lists to ensure that your presence on NullPad is never discoverable or "enumerable" by third parties.
Read-Only Enforced: Shared documents are enforced as read-only at the database level. (Note: Shared access is currently read-only only).
Revoke Access: As the document owner, you can revoke a collaborator's access at any time from the sharing menu.

Advanced Tier users gain access to a transparent, privacy-focused audit trail.

Access Logs: Track your own critical events (Sign-ins, Data Pushe, Deletions).
Privacy Protection: Logs identify the device family/Operating System and action type, but never expose your public IP address in the user-facing interface.
Verification: Use these logs to monitor for unauthorized access across your devices.

NullPad provides a secure end-of-life process for your data.

Soft Delete: When you request account deletion, access is immediately suspended, but data is retained for a 30-day grace period for recovery before irreversible purging.
Confirmation Mechanism: To prevent accidental loss, deletion requires a deliberate string-match confirmation ({nickname}_delete).
Data Sovereignty: After 30 days, your identity is purged, though some metadata may be retained for up to 6 months in encrypted technical logs for legal compliance (LGPD/GDPR) before absolute permanent deletion.