Privacy & Cryptography

How Anubandha Forms guarantees absolute zero-knowledge data collection.

Simply put: We do not collect, read, sell, or even have the ability to inspect your form submissions. Anubandha Forms operates as a secure envelope relay. Once a response is entered, it is locked immediately on the user's device and can only be opened by the form creator's matching private key.
🛡️

For Form Creators

Deploy forms with total confidence. Submissions are encrypted before they hit our edge server database or storage containers.

  • Your specifications (.aef) define form inputs securely.
  • Submissions are sealed in responder browsers using your public key.
  • No backend leaks can expose submissions—they are saved fully encrypted.
🔒

For Form Responders

Your data is strictly yours. When you submit a form, your input is transformed into mathematical noise before leaving your screen.

  • No third parties or tracking trackers can capture details.
  • The form hosting server cannot read your inputs.
  • Only the recipient holding the decryption key can unlock the package.

Under the Hood: Zero-Knowledge Hybrid Encryption

Asymmetric

RSA-OAEP (2048-bit)

Creators generate an RSA-2048 keypair. The public key is registered with Anubandha Forms to bake encryption into the form's template. The private key remains stored locally on the creator's device. We never receive, store, or transmit your private key.

Symmetric

AES-256-GCM

Since RSA cannot encrypt payloads larger than its modulus size (and is computationally heavy), we employ hybrid encryption. A temporary 256-bit AES key and Initialization Vector (IV) are generated client-side to encrypt the payload. The AES key is then encrypted with the RSA public key.

Submission Cryptographic Lifecycle

1

Client-Side Gathering

The responder completes the fields. On submission, the browser gathers raw answers and packs them into a JSON payload.

2

Hybrid Wrapping

The Web Crypto API generates a random 256-bit AES symmetric key. The JSON payload is encrypted with this AES key (AES-GCM). Next, the AES key is encrypted with the creator's RSA public key (RSA-OAEP).

3

Envelope Assembly

An envelope is assembled containing: the RSA-encrypted AES key, the AES-GCM IV, and the encrypted payload data. This envelope is transmitted to the server.

4

Zero-Knowledge Storage

The Cloudflare Worker accepts the envelope and writes it to R2 storage and D1 databases. The server cannot inspect the envelope content because it lacks the creator's private key.

5

Local Decryption

The creator downloads the submissions archive and runs a local decryption tool (e.g. decrypt.cjs) or uses their local app. The private key decrypts the AES key, which in turn decrypts the submission payload on their own hardware.

Get the appDownload App