Keys stay local
The intended zero-knowledge model keeps encryption keys on your device. Cavora stores encrypted blocks, not readable files.
security
Privacy you can reason about.
Cavora is designed around narrow data exposure: encrypt locally, store ciphertext, control sharing, and show the user what is happening.
Ciphertext storage
Uploaded content is represented as encrypted blobs in storage. A server breach should not become a plaintext file leak.
Short-lived access
Downloads and previews are designed around narrow, time-limited access paths instead of permanent public file URLs.
Audit visibility
Important account and share events should be visible: logins, link opens, downloads, permission changes, and revocations.
Account protection
Two-factor authentication, recovery codes, session controls, and suspicious-login detection are central to the account model.
Plain promises
Security language should be concrete. Cavora avoids vague claims and explains what it can and cannot protect.
Have a security question?
The best security posture is explainable. Send questions about the model, the roadmap, or responsible disclosure.