Standard Notes
Standard Notes is an end-to-end encrypted note-taking application focused on privacy and longevity. Founded in 2017 by Mo Bitar and acquired by Proton AG in April 2024, it offers cross-platform sync with zero-knowledge encryption using XChaCha20-Poly1305. The app is fully open source (client and server), supports self-hosting, and provides a free tier with unlimited encrypted notes alongside paid Productivity ($90/year) and Professional ($120/year) plans that unlock advanced editors, themes, and revision history.
Score generated by AI agents based on publicly cited evidence and reviewed by the project maintainer. Not independently validated.
Score History
Timeline events are AI-curated from public reporting. Score trajectory is derived from documented events.
Mo Bitar launched Standard Notes as a solo bootstrapped project with a clear privacy-first mission: end-to-end encrypted notes with a 100-year longevity commitment. The initial product was minimal — plain text notes with encryption and sync — but entirely free and open source. With no VC funding, no paid tier, and no employees, there were virtually no enshittification vectors beyond the inherent limitations of a one-person project.
Standard Notes introduced the Components extension system and the paid Extended subscription, creating the free-vs-paid divide that would define the product. Premium editors (Markdown, Code), themes, and FileSafe encrypted file storage were gated behind payment while core encryption remained free. The first independent security audit was completed. This era established the monetization model — subscription-funded with a deliberately limited free tier — that would draw both praise for sustainability and criticism for pricing.
Standard Notes invested heavily in security credibility: the encryption protocol was upgraded to XChaCha20-Poly1305 (Protocol 004), dual audits by Cure53 and Trail of Bits were completed, and 2FA was moved from paid to free. However, the November 2021 pricing restructure retired the popular 5-year early pricing plan and introduced the $90/$120 three-tier system that would draw criticism for being expensive relative to competitors offering similar features for free.
Standard Notes reached its feature peak with native encrypted file storage (100GB), the Super Notes block editor, and a dramatically improved self-hosted server (65% memory reduction). But the mid-2023 AGPL license removal — quickly reversed after community backlash — revealed tensions around sustainability and competitive fears. The license scare, combined with the established $90/$120 pricing that users increasingly compared unfavorably to free alternatives, pushed D6, D7, and D8 slightly higher despite strong product improvements.
Proton AG acquired Standard Notes in April 2024, shifting the product from a bootstrapped indie operation to a corporate subsidiary. The Proton Foundation's June 2024 establishment as a non-profit majority shareholder provided structural governance protection. However, the acquisition introduced new dynamics: infrastructure hardening took priority over features, the Standard Notes team's internal operations became opaque, and questions emerged about long-term product identity within the broader Proton ecosystem. The product itself remained stable, but governance complexity increased.
The post-acquisition period was defined by founder Mo Bitar's quiet departure in mid-2025 and Proton's January 2026 non-compete enforcement blocking his new project Shape. These governance events pushed D9 to its highest level, revealing tension between Proton's public privacy-freedom positioning and its internal corporate practices. The product itself remained stable under Proton stewardship, with infrastructure hardening and bug fixes but few new features.
Alternatives
Local-first markdown note-taking with a massive plugin ecosystem and no encryption dependency. Free for personal use with no note limits. Moderate switch — you'll need to export from Standard Notes and convert to markdown files. Not open source, but your notes are plain files you fully control.
Fully open-source, end-to-end encrypted note-taking with free sync via Dropbox or OneDrive. Supports markdown, checklists, and attachments on the free tier — features Standard Notes locks behind a paywall. Easy switch with import tools available. Interface is more utilitarian but fully functional.
Open-source, end-to-end encrypted alternative with a more generous free tier including rich text editing and checklists. Built specifically as a privacy-focused Evernote replacement. Supports direct import from Standard Notes. Newer product with a smaller track record.
Dimensional Breakdown
Summaries below were written by AI agents based on the cited evidence. They are editorial interpretations, not independent research findings.
Dimension History
Timeline (27 events)
Standard Notes debuts on Hacker News
Mo Bitar publicly launches Standard Notes as 'a notes app with a focus on longevity, portability, and privacy.' The app offers free encrypted note-taking with cross-platform sync, positioning itself as a privacy-first alternative to Evernote and Apple Notes. The launch emphasizes a 100-year longevity commitment for user data.
Standard Notes launches iOS and Android apps
Standard Notes releases native mobile apps on both the Apple App Store and Google Play Store, enabling cross-platform encrypted sync between desktop and mobile devices. The mobile launch significantly expands the app's accessibility beyond its initial web and desktop offering.
Components extension system launches with paid Extended tier
Standard Notes introduces 'Components,' a new class of extensions enabling custom editors, themes, and utility bars. The release establishes the paid 'Extended' subscription tier, gating premium editors (Markdown, Code), themes, and automated backups behind a paywall while keeping core encrypted notes free. This creates the fundamental free-vs-paid divide that persists today.
FileSafe encrypted cloud storage bridge launches
Standard Notes releases FileSafe, a bring-your-own-cloud solution that encrypts files client-side before uploading them to users' Dropbox, Google Drive, or WebDAV servers. The feature allows attaching images, documents, and videos to notes while keeping them encrypted, without Standard Notes needing to host file storage infrastructure.
First independent security audit completed
Standard Notes completes its first third-party security audit of the encryption specification. An independent security research firm finds no major weaknesses in the data encryption flow, making Standard Notes one of the first encrypted note-taking apps to undergo such an audit. The results are published publicly.
Version 3.0 update introduces Privileges and autolock
Standard Notes releases version 3.0 with the Privileges system, allowing users to require authentication before viewing protected notes or performing sensitive actions like downloading backups. The update also introduces autolock functionality for enhanced security when stepping away from the device.
Self-hosting documentation and server open-sourced
Standard Notes publishes comprehensive self-hosting documentation and makes the server code fully available, enabling users to run their own sync infrastructure with Docker. This allows complete independence from Standard Notes' servers while maintaining end-to-end encryption, significantly reducing lock-in for technically capable users.
Standard Notes reaches significant user milestone
Standard Notes is featured on Hacker News as 'A Simple and Private Notes App,' reflecting growing community recognition. The app has built a dedicated user base in the privacy-focused community without any venture capital funding or traditional marketing spend, growing entirely through word-of-mouth and organic discovery.
Protocol 004 upgrades encryption to XChaCha20-Poly1305
Standard Notes releases encryption protocol version 004, upgrading from AES-256 to XChaCha20-Poly1305 with Argon2 key derivation. The update centers around more modern cryptographic primitives recommended by Cloudflare and Google. Existing users are prompted to upgrade their accounts, with progressive re-encryption of existing data occurring automatically.
Two-factor authentication made free for all users
Standard Notes moves two-factor authentication from the paid Extended tier to the free plan, making it available to all users. Previously, 2FA was a paid feature justified as a key differentiator for the subscription. The change is framed as ensuring all users have access to essential security features regardless of payment status.
Dual security audits by Cure53 and Trail of Bits
Standard Notes completes two independent security audits: a penetration test by Cure53 covering the entire client-side and server-side ecosystem, and a cryptography audit by Trail of Bits reviewing the encryption specification, algorithms, and code implementation. 100% of identified issues are resolved before publication. These represent the most comprehensive audits in the app's history.
Early Pricing discontinued and three-tier pricing introduced
Standard Notes discontinues its discounted 5-year 'Early Pricing' plan and restructures subscriptions into three tiers: Free ($0), Productivity ($90/year), and Professional ($120/year). The 5-year plan had served as a capital raise mechanism at steep discounts. Existing subscribers are grandfathered at their original prices and automatically upgraded to the highest Pro Plan tier.
FileSafe deprecated in favor of native encrypted storage
Standard Notes deprecates FileSafe, its bring-your-own-cloud file storage solution launched in 2018. The deprecation comes as the company prepares to launch its own native encrypted file storage system. Existing FileSafe users retain access indefinitely, but new users can no longer install the extension.
Encrypted file storage with 100GB launches in v3.20
Standard Notes releases version 3.20, introducing native encrypted file storage with 100GB capacity and automated local backups. Files are encrypted chunk-by-chunk using XChaCha20-Poly1305 before upload. The feature is available to Professional plan subscribers and replaces the deprecated FileSafe with a first-party solution that doesn't require external cloud providers.
Self-hosted server v2 reduces memory usage by 65%
Standard Notes releases version 2 of its self-hosted server infrastructure, reducing the container count from 13 to 4 and memory usage from 1.7GB to 570MB — a 65% reduction. Startup time improves from several minutes to under one minute. The update makes self-hosting significantly more accessible for users on modest hardware like Raspberry Pi or small VPS instances.
Super Notes rich editor launches with block-based editing
Standard Notes introduces the Super Notes editor, a block-based rich text editing experience using the / key for block selection, @ key for linking notes and tags, and drag-and-drop for images and files. Super Notes represents the most significant editor upgrade in the app's history, bringing it closer to feature parity with competitors like Notion. Available to paid subscribers.
AGPL license removed from client packages
Standard Notes removes AGPL license files from multiple client-side packages, raising community concerns about the project's open-source status. The maintainer acknowledges the inconsistency between the 'fully open source' marketing claim and the actual licensing state, initially attempting to relicense to Creative Commons non-commercial to protect against commercial competitors.
AGPL license restored after community backlash
Following significant community pushback from subscribers and contributors who cited open-source licensing as a primary reason for choosing Standard Notes, Mo Bitar reverts all packages back to AGPLv3. He acknowledges the change away from AGPL 'didn't rest easy on my conscience' and that it was motivated by fear of larger companies exploiting the code. Past versions retain their licenses permanently.
Proton AG acquires Standard Notes
Switzerland-based Proton acquires Standard Notes, its second acquisition after SimpleLogin in 2022. Both companies are bootstrapped with no venture capital. Proton commits to keeping Standard Notes open source, freely available, and fully supported with no price changes. Andy Yen describes notes as containing 'some of our most intimate and sensitive data.' Less than a quarter of Standard Notes' 300,000+ users are existing Proton users.
Proton Foundation established as non-profit majority shareholder
Proton's founders donate shares to establish the Proton Foundation, a Swiss non-profit, as the primary shareholder of Proton AG. The foundation's board includes Tim Berners-Lee and is legally obligated to maintain Proton's privacy mission. The structure blocks hostile takeovers and ensures no change of control without foundation consent. Standard Notes, as a Proton subsidiary, falls under this governance umbrella.
Proton Docs launches leveraging Standard Notes technology
Proton launches Proton Docs within Proton Drive, an end-to-end encrypted collaborative document editor. The product integrates Standard Notes' popular features including markdown support, rich text, code blocks, and checklists. Every keystroke and cursor movement is encrypted in real time. Mo Bitar reportedly contributed significantly to the Proton Docs launch during his time at Proton.
Proton hardens Standard Notes infrastructure and anti-abuse systems
Seven months post-acquisition, Standard Notes publishes a 'Progress with Proton' update detailing infrastructure improvements. Proton's anti-abuse team has implemented DDoS protection and measures to reduce bad actors consuming resources. The team acknowledges that the hardening period limited new feature development but was 'essential to build the future on a rock-solid foundation.' Standard Notes confirms it will not merge into a Proton subscription.
2025 update focuses on bug fixes and performance
Standard Notes publishes its 2025 update detailing 30+ fixes and improvements delivered over the past year. Changes include image alignment in Super editor, improved tag selection, fixed non-Latin character rendering in PDF exports, and a new data loss warning for sign-in. Proton has added dedicated engineers and regularly collaborates on security, infrastructure, and long-term stability.
Proton publicly commits to never building encryption backdoor
After the UK government orders Apple to create an iCloud encryption backdoor via a secret Technical Capability Notice, and Apple complies by removing Advanced Data Protection in the UK, Proton publicly states it will never build a backdoor or remove end-to-end encryption. Proton notes it has resisted pressure from Russia, China, and India and will not yield to the UK. This commitment extends to all Proton products including Standard Notes.
Proton lobbies EU for 'buy European' procurement requirements
Proton writes to the European Commission calling for 'buy European' requirements in public sector procurement, advocating for European digital sovereignty. The move positions Proton as a lobbying presence in EU technology policy. While not anti-consumer, it demonstrates willingness to use regulatory influence for competitive advantage against US tech companies.
Founder Mo Bitar quietly departs Proton
Mo Bitar announces via Twitter that he has left Proton, approximately 15 months after the acquisition. Neither Andy Yen nor Proton issues any public acknowledgment. Community forums note the silence as suspicious. In later interviews, Bitar reveals he didn't enjoy his time at Proton, felt his work on Proton Docs went unrecognized, and regretted adding complexity to Standard Notes by hiring employees.
Proton invokes non-compete against Mo Bitar over Shape
Mo Bitar publicly discloses that Proton's legal team has sent a cease-and-desist demanding he stop working on Shape, his new encrypted team workspace project, citing a non-compete clause from the acquisition. Bitar characterizes it as 'an overreach,' noting Shape focuses on team chat and task management, not notes. He reveals his acquisition payout was comparable to 'the 401k of someone 10 years in the workforce.' Proton's deadline for when Shape can launch is reportedly January 2027. Community reaction is split between those defending Proton's contractual rights and those seeing it as contradicting Proton's pro-freedom values.
Evidence (41 citations)
D1: User Value Erosion
D2: Business Customer Exploitation
D3: Shareholder Extraction
D4: Lock-in & Switching Costs
D5: Twiddling & Algorithmic Opacity
D6: Dark Patterns
D7: Advertising & Monetization Pressure
D8: Competitive Conduct
D9: Labor & Governance
D10: Regulatory & Legal Posture
Scoring Log (4 entries)
Stripped for Phase 2 re-enrichment
Initial scoring with alternatives and milestones