Trust and Reliability
Privacy and trust as architecture—not features added after the fact.
Privacy starts with control: what data is stored, how it is encrypted, what is allowed into AI context, and where durable memory lives. Venn Labs designs those boundaries into the stack—encryption, obfuscation, sync discipline, and model routing—because expanding AI on personal data requires trust by design, not trust as an afterthought.
Encrypted Data
All app data is encrypted. Everyday data uses a baseline protection layer that preserves normal sync, search, and AI-assisted workflows.
User-Controlled Vault
Tier 2 adds opt-in, password-based encryption for sensitive Notes, Actions, Events, and high-security attachments.
AI Without Model Memory
Venn Labs uses an algorithm that routes different jobs to different models, while durable memory stays in the user's app data, not inside one model provider's retained memory.
Offline-First Local Data
Core workflows stay available locally. Changes are written on device first, then synchronized when connectivity is available.
Cloud Database and Sync Engine
The architecture pairs a fast local database with a cloud database and a dedicated sync engine, enabling scoped data sync, offline writes, and server reconciliation when connectivity returns.
Application Health
Health views can show internet status, sync state, last synchronized time, failed transactions, and diagnostic information.
AI Trust Boundary
Useful intelligence without making an LLM the source of truth.
Venn Labs routes different jobs to different models because each job can have different quality, cost, latency, and capability needs. The product should route intelligently, not treat one model as the whole system.
Just as important: the model is not where persistent memory belongs. Durable memory lives in structured app data, relationships, metadata, and user-controlled security boundaries. For privacy, that means the system assembles only the needed context for a request instead of relying on a model provider to retain and remember the user.
Model routing lets the system choose different models for different tasks instead of sending everything to one default model.
The model is not treated as the memory layer. Context is assembled from structured app data, relationships, metadata, and policy at request time.
Sensitive vault content is excluded from AI context unless it is available in a supported, unlocked session.
The product can use AI while keeping control decisions in the app: what context is sent, what actions are proposed, and what data can be changed.
Tier 2 Encryption
A private vault for data that should stay user-controlled.
Tier 1 protects everyday app data while keeping sync and AI features usable. Tier 2 is the stronger, opt-in model for sensitive content: a user-password lock for items that deserve a higher confidentiality boundary.
In plain language, Tier 2 uses well-studied cryptography rather than a home-grown cipher. AES-256-GCM is widely used across banking, VPNs, TLS-related systems, and compliance programs. GCM also authenticates the encrypted content, so tampering should fail verification instead of silently corrupting the record.
User-password unlock
Tier 2 is opt-in encryption for sensitive items. The user's password gates access to the content, which is the practical story for user-controlled confidentiality.
DEK and KEK key model
A random data encryption key encrypts the content. A key encryption key derived from the user's password wraps that data key for storage and sync.
AES-256-GCM
Content is encrypted with AES-256-GCM and a standard 128-bit authentication tag, protecting confidentiality and detecting tampering.
Password key derivation
The password is stretched with PBKDF2 using 100,000 iterations and HMAC-SHA256, with key derivation run off the main UI path.
Time-limited unlock
Unlocked Tier 2 sessions are designed to expire after 30 minutes, with in-memory key material cleared when the session is locked again.
Sync without plain vault data
The encrypted data key can synchronize across devices, while the raw content remains gated by the user's password when the vault is locked.
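The Tier 2 key model described above, sketched in Node.js as an added example; it is not Venn Labs code. The PBKDF2 parameters and the 128-bit tag come from the page, while the 16-byte salt, 12-byte nonce, use of the item id as associated data, the record layout, and all function names are assumptions.

```javascript
const crypto = require("crypto");

const PBKDF2_ITERATIONS = 100000; // from the page
const TAG_BYTES = 16;             // 128-bit GCM tag, from the page

// AES-256-GCM encrypt with a fresh random 12-byte nonce (assumed size).
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv, { authTagLength: TAG_BYTES });
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

// AES-256-GCM decrypt; final() throws if the tag, ciphertext or AAD was altered.
function open(key, box, aad) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, box.iv, { authTagLength: TAG_BYTES });
  d.setAAD(aad);
  d.setAuthTag(box.tag);
  return Buffer.concat([d.update(box.ct), d.final()]);
}

// KEK = PBKDF2-HMAC-SHA256(password, salt). pbkdf2Sync blocks the thread;
// an app would use the async variant or a worker to stay off the UI path.
function deriveKek(password, salt) {
  return crypto.pbkdf2Sync(password, salt, PBKDF2_ITERATIONS, 32, "sha256");
}

// A random DEK encrypts the content; the KEK wraps the DEK.
// The returned record holds only ciphertext, so it can be stored and synced.
function lockItem(password, itemId, content) {
  const salt = crypto.randomBytes(16); // assumed salt size
  const dek = crypto.randomBytes(32);
  const aad = Buffer.from(itemId);     // binds both ciphertexts to this item (assumption)
  const record = {
    itemId, salt,
    wrappedDek: seal(deriveKek(password, salt), dek, aad),
    body: seal(dek, Buffer.from(content, "utf8"), aad),
  };
  dek.fill(0);                         // clear the in-memory key copy
  return record;
}

function unlockItem(password, record) {
  const aad = Buffer.from(record.itemId);
  const dek = open(deriveKek(password, record.salt), record.wrappedDek, aad);
  try { return open(dek, record.body, aad).toString("utf8"); }
  finally { dek.fill(0); }
}
```

A wrong password fails when the wrapped DEK is opened, and a modified body or item id fails when the content is opened, so neither case returns corrupted plaintext.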
Privacy-Conscious Context
Not all data should be treated the same.
Tier 1 system encryption protects ordinary synced data while preserving normal app behavior and AI compatibility. Tier 2 user-password encryption creates a private vault for sensitive content.
Vault items are excluded from AI context unless explicitly available in a supported, unlocked session. High-security attachments follow the security posture of the parent Note and can be encrypted client-side before storage.
Operational Controls
Production risk management built into the system.
Server-controlled status features give Venn Labs AI ways to communicate, pause, recover, and protect users during maintenance or incidents.
Maintenance mode
Account disablement
Sync pause while local app use continues
Force resync after backend rebuilds
Developer messages shown at startup
Trust is an architecture decision.
Encryption, selective sync, AI context boundaries, model routing, and operational controls are designed in from the start—not bolted on later. That is how structured systems can use AI on real data while keeping privacy and reliability at the center of the design.