Security
Your private offline AI mind – protected like your selv
When you entrust something as personal as your thoughts, memories, or recordings to selv, security isn’t an afterthought — it’s the foundation.
Our design principle is simple: your data belongs to you, and it never leaves your device. All processing, storage, and encryption happens locally, giving you complete control.
Biometric Security
Beyond Encryption
Encryption is the lock. But trust also comes from everything around it:
- Offline by design – No servers, no cloud, no silent syncs. Everything lives only on your device.
- Strong encryption – All sensitive data — from journal entries to screen/audio recordings — is encrypted at rest.
- Modern key management – We use rotating keys for logs, journals, and recordings, so even if one file were compromised, others stay safe.
- Device-level lock – Protect access with your password or fingerprint.
- Configurable auto-lock – Your selv locks itself automatically after inactivity, on your terms.
And when you see Unlock your selv, it’s not just the app — it’s your encrypted world opening securely.
How your data is protected
We use proven, modern cryptography with strong key management to protect everything you store in selv.
Rotating Encryption for All Data
- AES-256-GCM: Modern, authenticated encryption for both confidentiality and integrity.
- Per-day keys: A fresh key is derived daily using HKDF from a master key stored in your device’s secure Keychain.
- Security benefit: If one day’s key is ever compromised, it cannot unlock any other data.
- Resilience: Atomic writes, frame-based storage, and salvage-on-read ensure your data remains accessible even in the face of corruption.
Journals, Logs, Recordings, Imports
- Journal entries, keystroke logs, screen/audio recordings, and even files you import from elsewhere are encrypted with the same rotating AES-256-GCM system.
- This ensures that everything in your selv is protected equally well, no matter where it comes from.
Beyond Encryption
Encryption is the lock. But trust also comes from everything around it:
- SandboxingOn macOS, selv runs inside the App Sandbox, so encrypted files can’t be accessed by other apps.
- Secure Key StorageKeys never touch plaintext storage; they’re managed by the device’s Keychain.
- Automatic encryption of importsAny file you bring into selv is immediately run through the same encryption pipeline as native data.
Security at a Glance
| Data stays offline | Always |
| Encryption | AES-256-GCM everywhere |
| Key rotation | Daily (per-file) |
| Integrity checks | Built-in |
| Password/Fingerprint lock | Available |
| Configurable auto-lock | Available |
| App Sandbox | Enforced |
Closing note
When you “unlock your selv,” you’re opening a space that’s yours alone — safeguarded by strong cryptography and careful engineering.
Because your private mind deserves private protection.