Note management
Notes ARE your funds — encrypted at rest, backed up, restored.
Notes are your funds
A note is spendable value. Lose your notes and you lose the shielded balance they represent — there is no server-side copy. Back them up.
Encrypted at rest
Notes are never persisted in the clear. The app derives an AES-GCM key from
your wallet signature (via HKDF) and stores notes encrypted in the browser's
IndexedDB — not localStorage, which breaks in restricted contexts. The SDK
provides the crypto; the app chooses the storage:
const key = await deriveEncryptionKey(walletSignatureBytes); // HKDF -> AES-GCM
const blob = await encryptNotes(client.notes.map((n) => n.note), key);
// persist `blob` wherever you like; later:
const notes = await decryptNotes(blob, key);Spent-state is recovered from the chain
On restore, the app decrypts your notes, re-syncs the tree, and recomputes each note's nullifier to check whether it has been spent on-chain — so spent notes are correctly marked even after a full reload. You do not have to trust local state to be accurate; the chain is the source of truth.
Backup & restore
Because losing notes means losing funds, the app exposes an encrypted backup: export the AES-GCM note bundle to a file and import it later (or on another device). The backup is the same encrypted bytes — it never exposes a plaintext note. Store it safely; anyone who has both the backup and can reproduce your wallet signature can spend those notes.
Receiving a private transfer
There is no indexer-side note delivery yet, so a private transfer produces a note string for the sender to hand you out of band. Paste it into your Note Vault to claim the funds — the app syncs it against the chain and, if it belongs to you and is on-chain, it counts toward your balance.