HAYAAT
Private End-to-End-Encrypted AI Journal

Journaling apps want your data. A private journal should be the opposite: unreadable to everyone, including the server it lives on. Hayaat (Arabic for 'life') is an AI journal where every entry is encrypted in your browser before it ever leaves your device; the language model that helps with it only ever sees the decrypted text in your own session.
Origin Story

I built Hayaat for myself — somewhere to think in prose that nobody else, not even the host, could ever read. The constraint came first: if I could not guarantee the privacy, I did not want to build it.
How It's Built
The hard part was marrying real cryptography with a genuinely useful AI. Entries are encrypted client-side with a key derived from your passphrase; the structuring and reflection features run on plaintext only transiently, in your session, and the database never holds anything but ciphertext.
Engineering Notes
Encryption the server can't undo
Entries are encrypted in the browser with AES-GCM-256 and a key derived via PBKDF2 at 300,000 iterations. Firestore only ever holds ciphertext, so the backend is genuinely zero-knowledge — the host cannot read a single word, by construction rather than by policy.
AI on plaintext, only in-session
The structuring and reflection features operate on decrypted text transiently, in your session, via callable Cloud Functions — Claude Haiku 4.5 for fast structuring and Sonnet 4.6 for deeper reflection. Nothing decrypted is ever persisted.
A privacy stance, not just an app
Most products in this space take the data. Hayaat is built to be unable to — proof that you can have an AI that helps you reflect without surrendering the most private thing you own.
Hayaat is a privacy stance as much as an app: proof that you can have an AI that helps you reflect without surrendering the most private thing you own. Most products would have taken the data. This one refuses to be able to.
What It Does
Zero-Knowledge Encryption
Entries are encrypted in the browser with AES-GCM-256 and a PBKDF2-derived key (300,000 iterations). Firestore only ever stores ciphertext — the server cannot read a word.
AI Structuring
Claude turns freeform prose into a navigable timeline and surfaced reflections, so a stream of consciousness becomes something you can actually revisit.
The Coach
An AI coach reflects your own patterns back to you over time — gentle, grounded in what you actually wrote, never prescriptive.
Owner-Locked
Single-user by design, gated behind authentication and an optional static-encryption layer. It is your space and only yours.
Where It Stands
Hayaat is deployed and owner-locked, with zero-knowledge encryption holding from day one. That hard constraint — the server can never read your entries — shapes what comes next: encrypted multi-device sync and a mobile shell, both designed to preserve the guarantee.
Hayaat is a Vite + React + TypeScript app styled with Tailwind, on Firebase Auth, Firestore, Functions and Hosting. The AI layer uses Anthropic Claude — Haiku 4.5 for fast structuring and Sonnet 4.6 for deeper reflection — via callable Cloud Functions. Encryption is Web Crypto AES-GCM-256 with a PBKDF2 key derivation (300k iterations); entries are encrypted before persistence, so the backend is genuinely zero-knowledge.