Zero-Knowledge Encrypted AI

THE SIGNAL OF AI

Every AI platform reads your prompts in plaintext. Every conversation stored on servers you don't control. Cognition changes everything — AES-256-GCM encryption happens in your browser. The server is a dumb data store. It only ever sees ciphertext.

AES-256-GCM
PBKDF2 600K
Client-Side Only

Every AI Platform Sees Your Prompts

Your conversations, strategies, code, and ideas — stored in plaintext on someone else's server. Every major platform has the same vulnerability.

  • ChatGPT: All conversations stored unencrypted. OpenAI employees can access data. Used for model training by default. (Plaintext Storage)
  • Claude: Conversations stored in plaintext on Anthropic servers. Data retained for safety evaluation and improvement. (Plaintext Storage)
  • Gemini: Google stores all interactions. Data can be reviewed by humans. Conversations linked to Google account. (Plaintext Storage)
  • Self-Hosted: Open WebUI, LibreChat, LobeChat — all store conversations unencrypted in their databases. Server compromise = full exposure. (Plaintext Storage)

Cognition Is Different

The first AI platform that combines zero-knowledge encryption with a beautiful interface, multi-provider support, and agent workflows.

  • Encryption and decryption happen entirely in your browser — the server never sees plaintext
  • Your password never leaves your device. It derives a 256-bit key via PBKDF2 with 600,000 iterations
  • API keys are encrypted at rest. Decrypted only in memory, per-request, then discarded
  • The server is a dumb data store — it only stores and retrieves ciphertext blobs
  • Self-hostable with Docker. Deploy anywhere in 60 seconds
Cognition zero-knowledge encryption

How It Works

Every piece of data is encrypted before it ever touches a network. Here's the cryptographic pipeline.

  01 Password: User enters passphrase. Never transmitted. (client-side only)
  02 PBKDF2: Key derivation with random salt. (600,000 iterations)
  03 Master Key: 256-bit key derived. Non-extractable CryptoKey. (Web Crypto API)
  04 AES-256-GCM: Each encrypt uses a random 12-byte IV. (authenticated encryption)
  05 Ciphertext: base64(IV):base64(ct) stored on server. (server sees only this)
Encryption flow diagram
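
The five steps above, written against the Web Crypto API as an added example (not Cognition's own code). The iteration count, 12-byte IV, non-extractable key and base64(IV):base64(ct) layout come from the page; the PBKDF2 hash (SHA-256), the 16-byte salt used by callers and all function names are assumptions.

```javascript
// Added example, not the project's code. Runs in a browser or in Node.
// Assumptions not stated on the page: SHA-256 as the PBKDF2 hash; function names.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto; // older Node fallback

function b64(bytes) {
  let s = "";
  for (const b of new Uint8Array(bytes)) s += String.fromCharCode(b);
  return btoa(s);
}
const unb64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Steps 01-03: passphrase -> PBKDF2 (600,000 iterations) -> AES-256 CryptoKey.
async function deriveMasterKey(passphrase, salt) {
  const material = await wc.subtle.importKey(
    "raw", new TextEncoder().encode(passphrase), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: 600000 },
    material,
    { name: "AES-GCM", length: 256 },
    false, // extractable = false: exportKey() on this key is rejected
    ["encrypt", "decrypt"]);
}

// Steps 04-05: fresh random 12-byte IV per call, output base64(IV):base64(ct).
// The ciphertext returned by AES-GCM already carries the 16-byte auth tag.
async function encryptBlob(key, plaintext) {
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = await wc.subtle.encrypt(
    { name: "AES-GCM", iv }, key, new TextEncoder().encode(plaintext));
  return `${b64(iv)}:${b64(ct)}`;
}

// Reverse path. Rejects malformed blobs; decrypt() itself throws when the
// ciphertext was modified or the key (passphrase or salt) is wrong.
async function decryptBlob(key, blob) {
  const parts = blob.split(":");
  if (parts.length !== 2) throw new Error("malformed blob");
  const [iv, ct] = parts.map(unb64);
  if (iv.length !== 12) throw new Error("unexpected IV length");
  const pt = await wc.subtle.decrypt({ name: "AES-GCM", iv }, key, ct);
  return new TextDecoder().decode(pt);
}
```

The salt is not secret and has to be stored alongside the ciphertext so the same key can be re-derived on the next login.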

Everything You Need, Nothing Exposed

A complete AI platform with enterprise-grade encryption baked into every layer.

Encrypted Chat

Every message encrypted with AES-256-GCM before leaving your browser. Streaming responses, markdown rendering, code highlighting — all decrypted locally.

Zero-Knowledge

Multi-Provider

Connect OpenAI, Anthropic, Ollama, or any OpenAI-compatible API. Switch between models seamlessly. API keys encrypted at rest.

Bring Your Own Keys
Multi-provider support

Agent Builder

Create custom AI agents with specialized system prompts, model selection, and personalities. Templates for Researcher, Coder, Writer, and Analyst.

Agent builder

Workflows

Chain multiple agents into pipelines. Output of one becomes input to the next. Build research → analysis → writing workflows with live streaming output.

Workflow pipelines

Privacy Badges

Visual indicators show whether each model runs locally (green) or in the cloud (yellow). Always know where your data flows at a glance.

Local
Cloud

Self-Hostable

Single Docker container, SQLite database, zero external dependencies. Deploy on your infrastructure, your network, your rules. docker compose up -d

Your Server

Architecture of Zero Knowledge

The server is architecturally incapable of reading your data. Not by policy — by design.

  • Browser: PBKDF2 Key Derivation, AES-256-GCM Encrypt, AES-256-GCM Decrypt, Web Crypto API, Svelte 5 UI
  • Server: Store Ciphertext, Retrieve Ciphertext, SSE Proxy, SQLite + Drizzle, SvelteKit API
  • AI Backends: OpenAI API, Anthropic API, Ollama (Local), Any OpenAI-Compat, Your Keys
Key insight: The server only proxies AI requests — it receives the decrypted API key transiently in memory (per-request), forwards to the AI provider via SSE, and never persists any plaintext. All conversation data stored is ciphertext.
Architecture diagram

Why Private AI Matters

In a world where every keystroke is monetized, privacy isn't a feature — it's a right.

Corporate Espionage

Competitors and nation-states target AI platforms for trade secrets. Your product roadmaps, M&A strategies, and competitive analysis — exposed in plaintext prompts to ChatGPT. With Cognition, the server breach reveals nothing but noise.

Personal Privacy

Medical questions, financial planning, legal research, relationship advice — conversations you'd never want stored on someone else's server. End-to-end encryption means only you can read your data.

Intellectual Property

Developers paste proprietary code. Writers share unpublished manuscripts. Researchers discuss pre-patent innovations. Standard AI platforms train on this data. Cognition ensures your IP stays yours.

Data Sovereignty

GDPR, HIPAA, CCPA — compliance frameworks require data protection. Self-host Cognition on your infrastructure and maintain full control. No third-party data processing agreements needed.

Deploy in 60 Seconds

Single Docker container. Zero configuration. Or use the hosted version instantly.

Docker

# Clone and run
docker pull cognitionai/cognition
docker compose up -d
# That's it. Open http://localhost:3000

Railway (Hosted)

# One-click deploy on Railway
# Or use the live instance: https://app.cognitionai.tech
# Add your API keys in Settings
# Everything encrypted in your browser
Bring Your Own Keys — Cognition doesn't bundle AI models. Connect OpenAI, Anthropic, Ollama, or any OpenAI-compatible provider. Your keys, your models, your data.