Trust & architecture

Zero-knowledge by design.

PokoPod is built so your private identity, files, masks, and agreement receipts live in your Local Pod on your computer. PokoPod servers do not become the vault.

View the architecture Revenue transparency

Zero-knowledge architecture

Website to extension to Local Pod. Not to us.

PokoPod’s local-first model is designed to keep the user’s private records on their own device. Websites can interact through the browser extension and local bridge, but sensitive vault contents are not uploaded to PokoPod servers by default.

1

Website

Sign-up, checkout, terms, and account pages are detected in the browser.

2

Browser Extension

The extension asks the Local Pod for masks, rules, and agreement support.

3

Local Pod

Your encrypted vault lives on the laptop or device you control.

For vault contents, even if we were subpoenaed, we have nothing to give.

Your keys are generated and stored locally on your device. PokoPod is designed so Poko Labs cannot browse or hand over the contents of a user’s Local Pod because those private vault contents are not held on our servers.

Technical promise

Local encryption, local keys, local control.

The current PokoPod desktop build uses an encrypted local SQLite/SQLCipher vault. The security model is designed around AES-256 encryption, locally generated key material, and recovery flows that do not require Poko Labs to hold a master key.

AES-256Strong encryption is used for local vault and recovery protection workflows.
SQLCipherIdentity and vault records are stored in an encrypted local database.
Community Solid ServerPokoPod uses Community Solid Server as part of the local pod foundation for user-controlled data storage.
Local keysKeys are generated and stored locally, not kept by PokoPod as a cloud master key.

Revenue transparency

How the free tier stays free.

PokoPod is exploring a free tier supported by referral links. When a user is making a purchase, the extension can ask whether they would like to use an affiliate or referral link. If they choose to use it, a brand may pay PokoPod a referral fee.

£

Honest revenue

Free access can be supported by brand referral fees rather than selling the user’s private data.

Conflict-free guarantee

We do not prioritize brands based on commission rates. Poko Sentry reviews every site objectively, regardless of partnership status.

No

Paid option

Users can pay monthly or yearly to use PokoPod without affiliate links.

Security ledger

Built for audit readiness.

PokoPod is built on the Tauri framework, pairing a web interface with a Rust backend. This gives the desktop client a smaller, more controlled architecture than traditional Electron-style desktop bundles and supports stronger native security boundaries.

Poko Labs also intends to explore open-sourcing parts of the Poko Sentry logic later, so users, researchers, and partners can inspect how agreement risks are interpreted.

Security lite

This page is the short-form trust view. The full security white paper documents the local vault, bridge, extension, relay, known limitations, and hardening roadmap in more detail.

Read the white paper

Built for lawful privacy, not illegal activity.

PokoPod is designed to help people protect their identity, understand agreements, and control their own data. It is not intended to support fraud, harassment, evasion of lawful obligations, theft, abuse, or any other illegal activity. Users remain responsible for how they use the product and for complying with the laws that apply to them.

How it works

Three acts after download.

Enshrinement

You create your Local Pod and receive a 12-word recovery seed so the vault can be restored if needed.

The Guard

The browser extension alerts you to legal traps before you click agree, with plain-English support from Poko Sentry.

The Mask

You check out using a masked email, such as user5467@pokopod.com, keeping your real identity off another company database.