MojoDocs - Privacy-First Tools
Security Architecture

Threat Model

We believe in radical transparency. Here is exactly what Mojodocs protects you against, and what remains in your control.

Cloud Surface

Massive attack vector.

  • • API Endpoint Vulnerabilities
  • • Database Injection
  • • Employee Insider Threats
  • • Data Center Breaches
  • • Interception in Transit

Mojodocs Surface

Minimal attack vector.

  • • Browser Sandbox Escape (Rare)
  • • User Device Compromise

Network Threats

mitigated

Attacks that happen while data is moving across the internet.

  • Man-in-the-Middle (MITM) attacks are impossible as no file data is transmitted.
  • Packet sniffing reveals only static asset loading (JS/WASM), not user content.
  • DNS spoofing cannot redirect file uploads because there are no uploads.

Server-Side Threats

mitigated

Attacks targeting the backend infrastructure.

  • SQL Injection is impossible (No database).
  • Remote Code Execution (RCE) on server is impossible (No processing server).
  • Data retention leaks are impossible (No storage).

Client-Side Threats

not mitigated

Risks that exist on your physical device.

  • Malware/Viruses already present on your computer can still access your files.
  • Browser extensions with malicious permissions could theoretically read the DOM.
  • Physical theft of your unlocked laptop while Mojodocs is open.

The Conclusion

By removing the server, we remove 90% of the attack surface.
If you trust your own device, you can trust Mojodocs.

WebAssembly
Client-Side Engine
Zero Latency
Processing Speed
0.00 KB
Data Retention
AES-256
Security Standard