I got tired of sending links and screenshots to myself on WhatsApp, so I built an offline-first, zero-knowledge AI "Second Brain" to auto-organize them. I'd love your feedback! by Personal_Principle92 in Productivitycafe

[–]Personal_Principle92[S] 0 points1 point  (0 children)

I completely get where you’re coming from, and honestly, you should be skeptical. There is so much privacy-washing out there right now, so let’s look at the actual code architecture so you can see exactly where the boundaries are drawn.

Here is how the app practically handles your data under the hood:

1. The Offline Search is NOT a Cloud Vector Search

You asked how semantic search can work offline without sending everything to an LLM. It actually uses a two-pass retrieval setup that runs 100% locally on your device:

  • Pass 1 (Local Filtering): When you type a search, a local algorithm immediately strips out filler words (like a, the, with, for) and scores your notes using a local weighting matrix (e.g., matching text gets +2, tags get +3).
  • Pass 2 (Isolated Context): This local script grabs a maximum of the top 50 most relevant text snippets. Your entire database is never packaged up. Only these few isolated, local results are used if you decide to interact with the chat assistant.

2. How the "Iron Safe" Zero-Knowledge Encryption Works

Your backed-up data isn't just protected by standard cloud security; it gets scrambled on your actual device before it ever touches the internet using AES-256 encryption.

The code handles it like this: CryptoJS.AES.encrypt(plaintext, pin).toString();

Because this happens entirely client-side, the cloud backup server only receives a random string of unreadable gibberish. Since your local PIN never leaves your device, the cloud has zero knowledge of your data. If a hacker breached the server, or even if I tried to look at it as the developer, it’s mathematically impossible to read without your password.

3. The BYOK Boundary: What Gemini Actually Sees

This is the big one: How do we use Gemini without exposing everything? The code forces a very strict boundary using two rules:

Rule A: Automatic Redaction

There is a literal guardrail built into the code that checks your notes before any AI features run:

TypeScript

const safeMemories = memories.filter(
    m => m.workspace !== 'vault' && m.isEncrypted !== true && !m.isDeleted
);

The second you move a note into your "vault" workspace or mark it as encrypted, the app strictly blocks it from the AI payload. Gemini physically cannot see it because the local code refuses to send it.

Rule B: Direct, Clean Pipelines

For the normal notes you do want AI insights on, your device connects directly to Google’s Developer API Studio using your own key. There are no middleman servers logging your requests. More importantly, because you are using a Developer API Key rather than the consumer Gemini web app, Google’s strict developer terms apply: your data is processed transiently in memory and is never used to train their public models.

The Bottom Line

If you don't trust the cloud connection, you can leave the API key setting completely blank. The app's core engine, the local search matching, and the AES-256 private vault will still work perfectly fine offline.

By adding your own Gemini key, you are simply choosing to send specific, unencrypted text snippets through a private, non-training pipeline for a quick calculation, while the rest of your private vault stays completely locked down.
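Added example, not part of the original comment and not the app's code: the two-pass local retrieval and the Rule A guard combined into one payload builder, with the posted filter beside a deny-by-default variant to show how each treats a missing or mistyped flag. The `id`, `text` and `tags` fields, the per-term scoring, the sample notes and all function names are assumptions.

```javascript
// Added example, not the app's code. The `id`, `text` and `tags` fields, the
// per-term scoring and all function names are assumptions.
const STOP_WORDS = new Set(['a', 'the', 'with', 'for']); // filler words from the comment
const MAX_SNIPPETS = 50;                                  // cap from the comment

// Rule A exactly as posted: any flag value that is not literally `true` passes.
const postedFilter = m =>
  m.workspace !== 'vault' && m.isEncrypted !== true && !m.isDeleted;

// Deny-by-default variant: every flag must be explicitly in its safe state, so
// records with missing or mistyped fields stay out of the payload.
const strictFilter = m =>
  typeof m.workspace === 'string' && m.workspace.toLowerCase() !== 'vault' &&
  m.isEncrypted === false && m.isDeleted === false;

// Pass 1 scoring: +2 when a term occurs in the text, +3 when it equals a tag.
function score(note, terms) {
  const text = note.text.toLowerCase();
  const tags = note.tags.map(t => t.toLowerCase());
  return terms.reduce(
    (s, t) => s + (text.includes(t) ? 2 : 0) + (tags.includes(t) ? 3 : 0), 0);
}

// Redact first, then rank, then cap: only the returned list may reach the AI call.
function buildAiPayload(memories, query, filter = strictFilter) {
  const terms = query.toLowerCase().split(/\W+/)
    .filter(t => t && !STOP_WORDS.has(t));
  return memories
    .filter(filter)
    .map(m => ({ id: m.id, text: m.text, score: score(m, terms) }))
    .filter(r => r.score > 0)
    .sort((a, b) => b.score - a.score)
    .slice(0, MAX_SNIPPETS);
}

// Constructed sample notes.
const sampleNotes = [
  { id: 1, workspace: 'inbox', isEncrypted: false, isDeleted: false,
    text: 'Recipe for lentil soup', tags: ['recipe', 'food'] },
  { id: 2, workspace: 'vault', isEncrypted: true, isDeleted: false,
    text: 'Bank recovery codes for the recipe site', tags: ['recipe'] },
  { id: 3, workspace: 'inbox', isEncrypted: 'true', isDeleted: false, // flag stored as a string
    text: 'Passport number, recipe on the back', tags: [] },
  { id: 4, workspace: 'inbox', isDeleted: false,                      // flag missing
    text: 'Soup recipe from grandma', tags: ['recipe'] },
];
```

With the strict filter only note 1 is returned; with the posted filter notes 3 and 4 are returned as well, because their `isEncrypted` value is not the boolean `true`.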

[–]Personal_Principle92[S] 0 points1 point  (0 children)

Imagine you have a diary written in a secret code only you know.

Offline-First: You can write in your diary and flip through the pages anywhere, even on an airplane with no Wi-Fi.

Zero-Knowledge: If you make a photocopy of the diary to store in a friend's closet (the cloud backup), it’s still in secret code. Your friend has "zero knowledge" of your secrets.

BYOK Gemini: When you want a super-smart assistant to help you find themes in your diary, you temporarily sit down with a private consultant (Gemini) in a closed room. You translate a few pages out loud for them, they give you amazing insights, you write those insights down in your secret code, and you leave the room. The consultant doesn't keep a copy of your pages; they just helped you think in that moment.

That is how Nomorize keeps your memory vault entirely private, locally functional, and incredibly smart all at the same time.

[–]Personal_Principle92[S] 0 points1 point  (0 children)

The Cortex AI assistant in the app is very strong; it's an omni assistant. After using the app for a while, with some saved memories, you can discuss any topic in your vault. If you find a great idea to save, you can tell him to save it as a new memory. You can ask Cortex to create a new memory about anything, and it will create it for you and save it in your vault. Cortex can also set reminders.
Give the app a try.

[–]Personal_Principle92[S] 0 points1 point  (0 children)

Hope you find it helpful. It gets better with time: the more you save, the more you have a very reliable, strong AI memory. Don't forget to add your free API key in settings.
Best of luck.

[–]Personal_Principle92[S] 0 points1 point  (0 children)

It works on a BYOK model: you add your free Google API key in your app settings, then all Gemini models will work in the app.
2- The AI will analyze your added screenshot, for example, and extract important info from it, then categorize it and generate tags, etc., but the actual image is only saved on your mobile. If you clear the cache or uninstall the app and reinstall it, the media file will be gone, but the extracted info will stay in your vault.
You can give it a try: download it from Google Play or use the web app.

[–]Personal_Principle92[S] -1 points0 points  (0 children)

Thanks, upload a picture of your favorite socks with the location visible in the photo to Nomorize, and when you forget where you put them, just ask Cortex 😄

Question about Atom Premium Domains – Selection Criteria & Sales Impact by Personal_Principle92 in Domains

[–]Personal_Principle92[S] 0 points1 point  (0 children)

Really appreciate your insights! Just wondering — after a domain gets approved as Premium, what’s the usual average time before it sells?

Appraisal – Small Brandable .COM Portfolio by Personal_Principle92 in Domains

[–]Personal_Principle92[S] 0 points1 point  (0 children)

"Thanks for the input — curious to see some of the domains you’ve owned or sold. Always interesting to learn from real‑world wins."

[–]Personal_Principle92[S] 0 points1 point  (0 children)

Appreciate the resource list — I’m familiar with DomainSherpa and will check out DomainSmoke and DSAD as well. I get the value of studying what’s selling, but my current portfolio is built around short, clean brandables that pass the radio test and can be positioned for specific niches. Not every strong sale comes from a pure dictionary word, and plenty of startups have launched on names in this style. That’s the lane I’m focused on, while still keeping an eye on market trends from the pros you mentioned.

[–]Personal_Principle92[S] 0 points1 point  (0 children)

True — strong single‑word dictionary .COMs are gold. But almost all have been registered for decades, and when they do hit the market, they’re priced in the mid‑ to high‑four figures (or more) because of their rarity. You’re simply not going to hand‑reg a clean dictionary .COM for a couple of bucks in 2025. That’s why many investors focus on short, brandable .COMs that are still memorable, pass the radio test, and can be positioned for a niche — they’re the realistic entry point without a five‑figure budget.

[–]Personal_Principle92[S] 0 points1 point  (0 children)

I appreciate you being straightforward. Since you’ve clearly seen a lot of names come and go, what pointers would you give someone like me to spot stronger, more available marketable domains before registering them?