Security at Zetopad
Security and privacy are core to Zetopad's design. Here's how we protect your data:
Local-Only Architecture
- All data is stored locally on your device in append-only log format
- Zero outbound network connections—verifiable air-gap mode
- No cloud sync, no telemetry, no analytics
- WASM runtimes for Python/JS execute entirely offline
Data Storage
- Append-only log ensures data integrity
- Columnar metadata store with efficient indexing
- All files stored in
~/Library/Application Support/zetopad/
Reporting Security Issues
If you discover a security vulnerability, please report it responsibly:
Email: security@zetopad.com
We take all security reports seriously and will respond within 48 hours.
What to Include
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
Safe Harbor
We will not pursue legal action against researchers who report vulnerabilities in good faith and follow responsible disclosure practices.