Scoped by identity
Clerk issues authentication; Supabase row-level security scopes every read and write to the user who owns it. No cross-account leakage, no shared vaults by accident.
Security & trust
Private by design, portable by default.
Moonstone is built around three principles: scoped access, provider-side control when you want it, and note formats that never trap you in the product.
Bridge content stays with your provider
Bridge Mode keeps note bodies on Dropbox, OneDrive, or Google Drive. Our backend stores connection metadata and encrypted refresh tokens — not your Markdown.
Exportable and legible
Notes are plain .md files. Attachments use vault-relative paths. Export produces a folder you can open in any other editor, forever.
What Moonstone optimizes for
Clarity over mystery.
Notes remain understandable outside the product. Attachments never force provider URLs into your files. Storage choices are visible up front. If a system becomes essential to your thinking, it should stay portable — not become a prison.
Responsible disclosure
Report a vulnerability.
If you find a security issue or want to discuss a trust-related concern, email [email protected]. We aim to respond within two business days.