Terms & Conditions

Last updated: June 7, 2026 ยท Obscura Security Model v1.0

Crucial Notice on Password Recovery: Obscura runs a zero-knowledge database. Because we never transmit or store your plaintext encryption password or master key, we cannot recover your account or retrieve your data if you forget your password. If you lose your password, your notes are cryptographically locked forever. We have no mechanism to unlock them.

1. Acceptance of Terms

By accessing or using the Obscura service ("Obscura", "the Service"), you agree to be bound by these Terms & Conditions. If you do not agree to all of these terms, do not access or use the Service.

2. Description of Service

Obscura is an open-source, web-based, block-style notes application that prioritizes zero-knowledge end-to-end encryption. The Service allows users to write notes that are encrypted in the user's browser using the Web Crypto API before syncing to database storage.

We reserve the right to suspend, discontinue, or permanently shut down the Service at any time without prior notice.

3. User Account Security & Password Obligation

To use Obscura, you must log in via Google OAuth and set an encryption password.

  • You are responsible for maintaining the confidentiality and strength of your encryption password.
  • You acknowledge and agree that the encryption password is never transmitted to our servers and is only used locally to derive the encryption key.
  • Loss of Password: You bear sole responsibility for remembering your password. We have no facility to reset or recover your encryption password or retrieve your notes.

4. Open Source & Self-Hosting License

Obscura's source code is licensed under the MIT License. You are free to view, clone, modify, and self-host the application on your own servers.

For self-hosted instances of Obscura:

  • You are solely responsible for configuring, maintaining, securing, and backing up your self-hosted infrastructure.
  • The developers of the main Obscura project assume no responsibility or liability for any data loss, security breaches, or damage arising from self-hosted versions of the application.

5. Acceptable Use

You agree not to use the Service to:

  • Engage in any activity that violates applicable local, state, national, or international law.
  • Attempt to bypass security filters, conduct denial-of-service attacks, or compromise the database infrastructure.
  • Store or transmit material that violates intellectual property rights or contains malicious computer code (such as malware, worms, or trojans).

6. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

We do not warrant that the Service will be uninterrupted, error-free, secure, or free of data loss. Encryption guarantees are dependent on the Web Crypto API implementation in your web browser and the strength of your encryption password.

7. Limitation of Liability

IN NO EVENT SHALL THE DEVELOPERS, MAINTAINERS, OR CONTRIBUTORS OF OBSCURA BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

8. Modifications to Terms

We reserve the right to modify these Terms at any time. When we make updates, we will post the revised terms here and update the "Last updated" date. Continued use of the Service after modifications constitutes your acceptance of the updated terms.