About Bunorden

We believe privacy is a fundamental right — not a premium feature.

Our Mission

Bunorden was born from a simple frustration: most software treats your data as a product to be harvested, analyzed, and monetized. We think that is backwards.

We build applications that are private by default, encrypted by design, and delightful to use. Every Bunorden app encrypts your data on your device before it ever touches a server. We never see your plaintext — and that is the whole point.

Our name comes from bun(Japanese for "quality" or "excellence") and orden (order, structure). We build software that brings order to your digital life without compromising your privacy.

What We Build

Each Bunorden application is designed to do one thing well, with end-to-end encryption at its core:

📝 Noted

E2EE markdown notes with folders, full-text search, and secure sharing via X25519 key exchange. Write freely knowing your notes are yours alone.

💰 Clavi

Personal finance tracking with encrypted transaction records. Budget, track, and analyze your spending — without sharing your financial life with anyone.

💧 Water

Hydration tracking with beautiful visualizations and configurable reminders. Even your water intake stays private.

📚 DSEpp

Hong Kong DSE past paper archive with a fast PDF viewer and annotation tools. Free, open, and built for students.

🔐 Accounts

Single sign-on for all Bunorden services. One account, one encryption key, all your apps. Your password derives your master encryption key locally — we never see it.

How We're Different

  • Zero-knowledge architecture. Your data is encrypted before it leaves your device. We cannot decrypt it, even if compelled to.
  • No tracking. Ever.No analytics, no telemetry, no advertising SDKs. Our apps don't phone home.
  • Open source. Our encryption libraries and core applications are open source under the MIT License. Audit us anytime — we welcome it.
  • Works offline. All core features work without an internet connection. Sync when you want, not when the app demands it.
  • No vendor lock-in. Export your data anytime. Your encryption keys are derived from your password — take them anywhere.

Technology

We use battle-tested cryptographic primitives. Our encryption stack is built on:

  • AES-256-GCM for authenticated data encryption — each operation uses a unique 96-bit random IV
  • PBKDF2 with 600,000 iterations and 128-bit random salt for key derivation (OWASP 2024 compliant)
  • X25519 for ephemeral-static Diffie-Hellman key exchange when sharing data between users
  • Web Crypto API for all cryptographic operations — hardware-backed where available, zero external crypto dependencies

Our applications are built with Next.js, React, and TypeScript. Data is stored on Supabase infrastructure. All encryption and decryption happens client-side.

Who We Are

Bunorden is an independent project built by a small team of developers who care deeply about privacy and user experience. We are not backed by venture capital. We are not building a data business. We are building the tools we want to use ourselves.

We believe that privacy-respecting software should be beautiful, fast, and accessible to everyone — not a compromise you make for the sake of security. The best security is the kind you don't have to think about.

Open Source Commitment

We are committed to transparency. Our core encryption library, UI components, and application source code are available under the MIT License on GitLab.

We welcome contributions, bug reports, and security audits. If you're interested in contributing, check out our repository and say hello.

🔗 gitlab.com/bunorden/bunorden-webapp-monorepo

Get in Touch

We love hearing from our users. Whether you have a question, suggestion, or just want to chat about privacy and encryption — reach out.

📧 hello@bunorden.com

Or visit our Contact page for more options.