Designed a zero-knowledge vault with PBKDF2-SHA512 (1M iterations), AES-256-GCM, HMAC integrity checks, and client-side verification ciphers — the server never sees plaintext keys or passwords.
02 / Case StudySecure Messaging
NEXT PGP
A zero-knowledge PGP Progressive Web App for key generation, keyring management, and end-to-end encrypted cloud vaults — all in the browser.
Role
Solo product design, zero-knowledge architecture, full stack engineering, PWA
Timeline
2024 - Present
Stack
Next.js / Hero UI / PostgreSQL / OpenPGP
Project Context
Built ToFeel Useful.
Next PGP is a full-featured cryptographic workstation delivered as a PWA. Users generate keys across modern algorithms (Curve25519, NIST curves, RSA), manage keyrings locally in IndexedDB, encrypt and decrypt messages and files including batch and folder operations and optionally sync encrypted backups through a zero-knowledge cloud vault. Every cryptographic operation runs client-side via the Web Crypto API, vault passwords are never sent to the server, and a dynamic Web Worker pool scales heavy workloads across all CPU cores without blocking the UI.
Architecture
Zero-Knowledge
Performance
Multi-Core
Surface
PWA
Technical System
Sharp stack. Clear product shape.
Next.jsHero UIOpenPGP.jsWeb Crypto APIIndexedDBPostgreSQLPWAWeb WorkersPBKDF2AES-256-GCMTypeScript
Built a dynamic Web Worker pool that parallelizes encryption and decryption across all CPU cores, keeping the interface responsive during heavy batch and folder operations.
Shipped a cross-platform PWA with offline support, app-password protection, keyserver import/export, and encrypted cloud backup — usable on Windows, macOS, Linux, Android, and iOS.
Visual Archive
Screens
07
NEXT-PGP / Frame 01
NEXT-PGP / Frame 02
NEXT-PGP / Frame 03
NEXT-PGP / Frame 04
NEXT-PGP / Frame 05
NEXT-PGP / Frame 06
NEXT-PGP / Frame 07
Next Step