Write freely. We can't read a word.

A private Markdown editor that syncs everywhere. Your docs are encrypted before they leave your browser.

Writedown App Screenshot 1 Writedown App Screenshot 2 Writedown App Screenshot 3 Writedown App Screenshot 4 Writedown App Screenshot 5 Writedown App Screenshot 6 Writedown App Screenshot 7

Privacy without compromise.

The tools you expect from a modern editor, built on a zero-knowledge foundation.

Choose Your Encryption

E2EE vaults — true zero-knowledge. Keys are derived on your device from a recovery phrase. We store ciphertext we can never decrypt, even if compelled.

Managed vaults — encrypted with your account key. Simpler setup, easy recovery. We handle key management so you don't have to.

Markdown-Native

No proprietary formats. No vendor lock-in. Every document is plain Markdown under the hood. Export it, version it, or open it in any text editor on earth.

WYSIWYG + Source

Write in a clean, distraction-free rich editor. Or drop into raw Markdown source when you need precision. Switch freely — the same document, two views, zero artifacts.

Cloud Sync

Local-first architecture. Your edits save to your device instantly, then sync to the cloud in the background. Works offline. Picks up where you left off on any device.

Private Sharing

Share a document with a w-d.to short link. The decryption key is embedded in the URL fragment — the part that never gets sent to a server.

Passkey Auth

Sign in with TouchID, FaceID, or a hardware key. No master passwords to forget. Your biometric unlocks your vault — fast and phishing-resistant.

Two models. You choose the trust boundary.

E2EE vaults give you zero-knowledge privacy — we can't read your content, period. Managed vaults give you enterprise-grade encryption with easier recovery. Both encrypt every document with AES-256-GCM.

E2EE Vaults (zero-knowledge)

1

Content Encryption Key

A random AES-256 key encrypts your entire vault. Generated on your device. Never transmitted.

2

Master Key

Derived from your 12-word recovery phrase via Argon2id. Wraps the CEK for account recovery.

3

Hardware Seed

Derived from your device's Secure Enclave via WebAuthn PRF. Wraps the CEK for daily use. Unlock with a fingerprint.

Managed Vaults (encrypted at rest)

1

Content Encryption Key

A random AES-256 key encrypts your vault. Generated in your browser at vault creation.

2

Server-Managed Key Protection

Your key is encrypted at rest on our servers. Documents are still encrypted and decrypted in your browser.

3

Account Recovery

No recovery phrase needed. Your key is recoverable via your authenticated session — simpler onboarding, same encryption standard.