Zero-Knowledge Encrypted AI

THE SIGNAL OF AI

Every AI platform reads your prompts in plaintext. Every conversation stored on servers you don't control. Cognition changes everything — AES-256-GCM encryption happens in your browser. The server is a dumb data store. It only ever sees ciphertext.

Launch App How It Works

AES-256-GCM

PBKDF2 600K

Client-Side Only

The Problem

Every AI Platform Sees Your Prompts

Your conversations, strategies, code, and ideas — stored in plaintext on someone else's server. Every major platform has the same vulnerability.

ChatGPT

All conversations stored unencrypted. OpenAI employees can access data. Used for model training by default.

Plaintext Storage

Claude

Conversations stored in plaintext on Anthropic servers. Data retained for safety evaluation and improvement.

Plaintext Storage

Gemini

Google stores all interactions. Data can be reviewed by humans. Conversations linked to Google account.

Plaintext Storage

Self-Hosted

Open WebUI, LibreChat, LobeChat — all store conversations unencrypted in their databases. Server compromise = full exposure.

Plaintext Storage

The Solution

Cognition Is Different

The first AI platform that combines zero-knowledge encryption with a beautiful interface, multi-provider support, and agent workflows.

Encryption and decryption happens entirely in your browser — the server never sees plaintext
Your password never leaves your device. It derives a 256-bit key via PBKDF2 with 600,000 iterations
API keys are encrypted at rest. Decrypted only in memory, per-request, then discarded
The server is a dumb data store — it only stores and retrieves ciphertext blobs
Self-hostable with Docker. Deploy anywhere in 60 seconds

Encryption Flow

How It Works

Every piece of data is encrypted before it ever touches a network. Here's the cryptographic pipeline.

Password

User enters passphrase. Never transmitted.

client-side only

PBKDF2

Key derivation with random salt.

600,000 iterations

Master Key

256-bit key derived. Non-extractable CryptoKey.

Web Crypto API

AES-256-GCM

Each encrypt uses a random 12-byte IV.

authenticated encryption

Ciphertext

base64(IV):base64(ct) stored on server.

server sees only this

Capabilities

Everything You Need, Nothing Exposed

A complete AI platform with enterprise-grade encryption baked into every layer.

Encrypted Chat

Every message encrypted with AES-256-GCM before leaving your browser. Streaming responses, markdown rendering, code highlighting — all decrypted locally.

Zero-Knowledge

Multi-Provider

Connect OpenAI, Anthropic, Ollama, or any OpenAI-compatible API. Switch between models seamlessly. API keys encrypted at rest.

Bring Your Own Keys

Agent Builder

Create custom AI agents with specialized system prompts, model selection, and personalities. Templates for Researcher, Coder, Writer, and Analyst.

Workflows

Chain multiple agents into pipelines. Output of one becomes input to the next. Build research → analysis → writing workflows with live streaming output.

Privacy Badges

Visual indicators show whether each model runs locally (green) or in the cloud (yellow). Always know where your data flows at a glance.

Local

Cloud

Self-Hostable

Single Docker container, SQLite database, zero external dependencies. Deploy on your infrastructure, your network, your rules. docker compose up -d

Your Server

System Design

Architecture of Zero Knowledge

The server is architecturally incapable of reading your data. Not by policy — by design.

Browser

            PBKDF2 Key Derivation

            AES-256-GCM Encrypt

            AES-256-GCM Decrypt

            Web Crypto API

            Svelte 5 UI

→

Server

Store Ciphertext
Retrieve Ciphertext
SSE Proxy
SQLite + Drizzle
SvelteKit API

→

AI Backends

OpenAI API
Anthropic API
Ollama (Local)
Any OpenAI-Compat
Your Keys

Key insight: The server only proxies AI requests — it receives the decrypted API key transiently in memory (per-request), forwards to the AI provider via SSE, and never persists any plaintext. All conversation data stored is ciphertext.

Use Cases

Why Private AI Matters

In a world where every keystroke is monetized, privacy isn't a feature — it's a right.

Corporate Espionage

Competitors and nation-states target AI platforms for trade secrets. Your product roadmaps, M&A strategies, and competitive analysis — exposed in plaintext prompts to ChatGPT. With Cognition, the server breach reveals nothing but noise.

Personal Privacy

Medical questions, financial planning, legal research, relationship advice — conversations you'd never want stored on someone else's server. End-to-end encryption means only you can read your data.

Intellectual Property

Developers paste proprietary code. Writers share unpublished manuscripts. Researchers discuss pre-patent innovations. Standard AI platforms train on this data. Cognition ensures your IP stays yours.

Data Sovereignty

GDPR, HIPAA, CCPA — compliance frameworks require data protection. Self-host Cognition on your infrastructure and maintain full control. No third-party data processing agreements needed.

Get Started

Deploy in 60 Seconds

Single Docker container. Zero configuration. Or use the hosted version instantly.

Docker

# Clone and run docker pull cognitionai/cognition docker compose up -d # That's it. Open http://localhost:3000

Railway (Hosted)

# One-click deploy on Railway # Or use the live instance: https://app.cognitionai.tech # Add your API keys in Settings # Everything encrypted in your browser

Bring Your Own Keys — Cognition doesn't bundle AI models. Connect OpenAI, Anthropic, Ollama, or any OpenAI-compatible provider. Your keys, your models, your data.