Loading...
Loading...
Cliprift is designed around a simple principle: your clipboard data belongs to you. This page provides a high-level overview of our security architecture — from data encryption and sensitive content detection to infrastructure hardening.
Cliprift syncs your clipboard across devices. That means your most sensitive data — passwords, API keys, personal messages, code snippets — passes through our infrastructure. We take that responsibility seriously.
Our security model is built on four layers of protection that work together. Even if one layer were compromised, the others keep your data safe.
AES-256 encryption at rest on our servers. TLS 1.3 for all data in transit. End-to-end encryption is under active development.
Credit cards, API keys, and secrets are automatically flagged and can auto-expire after a configurable time.
EU-hosted servers, parameterized queries, secure session management, and encrypted WebSocket channels.
Rate limiting, CORS restrictions, CSP headers, and scoped API keys protect every endpoint.
All clipboard data is encrypted at rest on our servers using AES-256-GCM authenticated encryption — the same standard used by governments and financial institutions. All data in transit is protected by TLS 1.3.
We are actively building end-to-end encryption, where clipboard content will be encrypted on your device before reaching our servers. When available, your encryption key will be derived from a passphrase that only you know, using PBKDF2-SHA256 with 600,000 iterations. The passphrase will never be transmitted to our servers.
Beyond client-side encryption, our infrastructure is hardened at every layer — transport, hosting, storage, and authentication.
| Layer | Technology | Details |
|---|---|---|
| Transport | TLS 1.3 | All traffic encrypted in transit via HTTPS with modern cipher suites |
| Hosting | EU (Hetzner) | Data hosted in European data centers with strict physical security |
| File storage | S3-compatible | Large clipboard items stored in S3-compatible storage with server-side encryption at rest |
| Database | PostgreSQL | Connection pooling, parameterized queries via Drizzle ORM, no raw SQL |
| Authentication | Better Auth | Session-based auth with secure cookies, CSRF protection, and optional 2FA |
| Real-time | Pusher/Soketi | Encrypted WebSocket channels for real-time sync notifications over TLS |
Cliprift provides multiple tools to help you control what data is captured, how long it is stored, and what happens to sensitive content.
Credit cards (with Luhn validation), Social Security numbers, API keys from major providers (OpenAI, Stripe, AWS, GitHub, GitLab, Slack), and generic secrets are automatically detected. Flagged items can auto-expire after a configurable interval — from 5 minutes to 24 hours.
Exclude specific applications (password managers, banking apps) from clipboard monitoring entirely. Ignored apps are filtered at the watcher level — content from those apps never enters your history or reaches the server.
Choose how long clipboard items are stored — from 7 days to indefinitely. Sensitive items have a separate, stricter timer. Pinned items are exempt from all retention policies. Deleted items are permanently removed from both your device and the server.
Copied images are compressed to JPEG at configurable quality (50-100%) before upload, reducing storage and bandwidth. Transparent images (alpha channel) are preserved as PNG automatically.
Dual detection
Sensitive data detection runs in both the Rust clipboard watcher and the TypeScript layer. This dual-layer approach ensures nothing slips through regardless of how content enters your history.
Every API endpoint is protected by multiple layers of access control — authentication, authorization, rate limiting, and input validation.
All sensitive endpoints — authentication, clipboard sync, device registration, and API key usage — are rate-limited to prevent abuse and brute-force attacks.
Cross-Origin Resource Sharing is restricted to known origins. Content Security Policy headers prevent XSS and injection attacks across all pages.
API keys have scoped permissions and per-key rate limiting. Keys can be revoked instantly from the dashboard.
Every tRPC input is validated with Zod schemas. All database queries use parameterized statements via Drizzle ORM — no raw SQL, no injection surface.
We follow industry best practices for secure software development and data handling.
Our encryption implementation is open source and auditable. Trust is verified through code, not promises.
Regular pnpm audit scans for known vulnerabilities in third-party dependencies. Critical findings are patched immediately.
We track product usage events (feature clicks, sync counts) but never clipboard content. Analytics are handled by OpenPanel with typed event catalogs.
Sessions use secure, HTTP-only cookies with CSRF protection. Tokens are refreshed automatically and invalidated on sign-out.
No secrets in Docker image layers. Environment variables are injected at runtime via the deployment platform, never baked into builds.
If you discover a security vulnerability in Cliprift, we want to hear from you. We take all reports seriously and will respond promptly.
Email [email protected] with a detailed description of the vulnerability, steps to reproduce, and any supporting evidence. We will acknowledge receipt within 48 hours.
Please do not publicly disclose vulnerabilities before we have had an opportunity to investigate and release a fix. We appreciate your help in keeping Cliprift and our users safe.
Scope
Reports covering the Cliprift desktop app, mobile app, website (cliprift.com), API (api.cliprift.com), and all open-source packages in the Cliprift repository are in scope. Third-party services (Pusher, Resend, Polar) should be reported to those providers directly.