Atomus

Encryption

Your atoms and review history are encrypted at rest. Your notes stay as plain Markdown so any editor can read them. The key lives in your macOS Keychain.

Atomus encrypts the sensitive parts of your vault at rest. Your Markdown notes stay readable on disk. Everything else is locked.

What's encrypted

  • atoms.db is encrypted with SQLCipher. An attacker with access to your disk cannot read the front and back of your atoms, your review history, or your FSRS parameters without the key.
  • settings.json is plain JSON. Nothing in it is sensitive by default.
  • notes/ stays as plain Markdown. This is intentional. Your notes should be readable in any editor, and any backup tool should be able to capture them verbatim.

If you want your notes encrypted too, put the whole vault inside an encrypted disk image, or let FileVault handle it at the disk level. Both approaches work transparently with Atomus.
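To confirm this split from the disk's point of view, here is an added example that is not Atomus's own code. An unencrypted SQLite file always begins with the 16-byte string `SQLite format 3\0`, while a SQLCipher file in its default configuration (assumed here) is ciphertext from the first byte. The function names, the labels, the 7.5 bits-per-byte entropy cut-off and the constructed sample vault are assumptions made for illustration.

```python
import codecs
import json
import math
import os
from collections import Counter
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of any unencrypted SQLite file
EXPECTED = {"atoms.db": "opaque", "settings.json": "readable-text"}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; ciphertext approaches 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def classify(path: Path, sample: int = 65536) -> str:
    """Label a file by what someone holding only the disk would see."""
    with path.open("rb") as fh:
        head = fh.read(sample)
    if head.startswith(SQLITE_MAGIC):
        return "plaintext-sqlite"
    if entropy(head) > 7.5:  # assumed cut-off for "looks like ciphertext"
        return "opaque"
    try:
        # incremental decoder tolerates a multi-byte character cut off by the sample
        codecs.getincrementaldecoder("utf-8")().decode(head)
        return "readable-text"
    except UnicodeDecodeError:
        return "unknown-binary"

def audit_vault(vault: Path) -> dict:
    """Map each vault file to (observed label, matches what the page describes)."""
    results = {}
    for name, want in EXPECTED.items():
        got = classify(vault / name)
        results[name] = (got, got == want)
    for note in sorted((vault / "notes").rglob("*.md")):
        got = classify(note)
        results[note.relative_to(vault).as_posix()] = (got, got == "readable-text")
    return results

def build_sample_vault(root: Path, encrypted: bool) -> Path:
    """Constructed stand-in vault; random bytes imitate a SQLCipher-encrypted file."""
    (root / "notes").mkdir(parents=True)
    (root / "notes" / "example.md").write_text("# Constructed note\n")
    (root / "settings.json").write_text(json.dumps({"theme": "dark"}))  # constructed key
    (root / "atoms.db").write_bytes(os.urandom(4096) if encrypted else SQLITE_MAGIC + bytes(4080))
    return root
```

Call `audit_vault(Path(...))` on a copy of a vault directory. A `plaintext-sqlite` label for atoms.db means the file can be opened without the key.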

Where the key lives

The key for atoms.db is stored in your macOS Keychain, scoped to Atomus. macOS protects the Keychain entry the same way it protects your saved passwords.

If you move your vault to another Mac, Atomus creates a new Keychain entry for it on first launch and rewraps the database. You never see or handle the key directly.

What we never see

Atomus doesn't phone home. Your key, your atoms.db, and your notes all live on your Mac. No server holds a copy. No account links to your data. No recovery process runs on our end.

If you lose access to both your Mac and your backup, the data is gone. That's the tradeoff for true local-first. The upside is that no one, including us, can read your atoms without your Mac.