Notesnook is a privacy-focused, open-source alternative to Evernote that encrypts all notes end-to-end using XChaCha20-Poly1305 and Argon2 before data leaves your device. It’s designed for users who demand complete control over their data—developers, journalists, researchers, and privacy advocates—who refuse to trade security for convenience. The app provides unified access across web, desktop (Electron), and mobile (React Native) with a self-hostable sync server, ensuring no third party can access your notes.
Built as a monorepo with TypeScript, React, and React Native, Notesnook leverages a modular architecture including @notesnook/core, @notesnook/crypto, and @notesnook/editor for consistent functionality across platforms. The stack includes IndexedDB-backed streaming file storage, a web clipper for saving articles, and a verifiable encryption layer via Vericrypt. All components are open source, enabling transparency, auditability, and self-hosting without vendor lock-in.
What You Get
- End-to-end encryption with XChaCha20-Poly1305 & Argon2 - All notes, files, and metadata are encrypted on-device before syncing, ensuring even Notesnook’s servers cannot access your data.
- Self-hostable sync server - Run your own sync backend using the open-source server code, giving you full control over where your data is stored and processed.
- Web Clipper extension - Save web pages and articles directly into Notesnook with a browser extension that preserves formatting and works without tracking or telemetry.
- Bidirectional note linking - Create and navigate between connected notes to build knowledge graphs, ideal for research, brainstorming, and complex note organization.
- App lock with device-level encryption - Automatically lock your notes database with a password or biometric authentication to protect sensitive content if your device is lost or shared.
- Cross-platform sync (Web, Desktop, Mobile) - Seamlessly access and edit notes across React, React Native, and Electron clients with real-time synchronization powered by the same core engine.
- Markdown, tables, tasks, and code blocks support - Rich text editing with full Markdown compatibility, including task lists, tables, math formulas, and syntax-highlighted code blocks.
- Notes vault for password-protected notes - Store high-sensitivity notes encrypted even on your local device with an additional password layer beyond the main database encryption.
- Import from Evernote, Markdown, and other formats - Migrate existing notes from other apps using the built-in importer tool with support for ENEX, Markdown, and plain text files.
Common Use Cases
- Running a private research journal - A graduate student uses Notesnook to store encrypted research notes, citations, and annotated PDFs, ensuring no third party can access their unpublished work.
- Securing personal financial records - A freelancer stores bill reminders, receipts, and tax documents in a password-protected notes vault, keeping sensitive data encrypted even on their laptop.
- Building a personal knowledge base - A software engineer links related code snippets, tutorials, and project notes using bidirectional links to create a searchable, interconnected knowledge graph.
- Syncing notes across devices without cloud tracking - A journalist uses Notesnook’s web, desktop, and mobile apps to write and edit stories while ensuring no metadata is collected or sold by the provider.
Under The Hood
Architecture
- Monorepo structure cleanly separates applications (web, mobile, desktop), core modules, and server components, enabling independent development and deployment
- Core logic is encapsulated in reusable packages with well-defined interfaces, decoupling data models like Document and AssetManager from platform-specific implementations
- Dependency injection is implemented via service registries and modular exports, particularly in the data layer where storage abstractions (JSON, SQLite) are isolated
- UI layers leverage contextual providers to consume core services, ensuring clear separation between view rendering and business logic
- Custom build scripts orchestrate transpilation and asset handling across platforms with consistent tooling
Tech Stack
- TypeScript-based monorepo with React and React Native for cross-platform UI, supported by Zustand and React Navigation for state and routing
- tRPC enables type-safe client-server communication with real-time subscriptions for synchronized state across devices
- Strict TypeScript configuration, tsup for bundling, and comprehensive ESLint rules enforce type safety and code consistency
- Native performance is optimized via React Native libraries like mmkv-storage and react-native-blob-util for efficient storage and file handling
- Build workflows are managed through custom scripts with Husky for Git hooks and Volta for Node.js version consistency
Code Quality
- Extensive test coverage spans unit, integration, and end-to-end scenarios across all platforms, validating data persistence, search, and UI behavior
- Strong type safety and modular design ensure predictable behavior and reduce runtime errors
- Robust error handling in database and file operations provides graceful degradation during sync failures or content updates
- Consistent naming and well-structured test fixtures enable clear intent and deterministic test conditions
- Comprehensive E2E tests simulate real user flows including encrypted backups, session restoration, and cross-platform interactions
What Makes It Unique
- Unified event-driven architecture with typed event emitters and tRPC subscriptions enables seamless cross-platform state synchronization without boilerplate
- Fully virtualized, lazy-loaded tree structure maintains performance with massive hierarchical note structures through recursive child fetching and persistent expansion state
- Cross-platform sheet system unifies modal behavior and editor state preservation between web and mobile environments
- Custom Vericrypt encryption layer integrates theme-aware code rendering, securing content while preserving visual fidelity
- Persistent state hooks automatically synchronize complex UI states (like tree expansions) across sessions without external libraries
- Declarative, event-based UI layer decouples Tiptap editor logic from rendering, enabling reusable, platform-agnostic components