Chrome, Edge, Brave, Arc, Opera, Vivaldi, Firefox, LibreWolf, Waterfox, and more
Chrome, Edge, Brave, Arc, Opera, Vivaldi, Firefox, LibreWolf, Waterfox, and more
Let’s be honest.
Every bookmark sync service you trusted slowly became a data pipeline. Browsers and "bookmark managers" promise privacy but store everything in on servers you don’t control, and often in plaintext.
Your bookmarks reveal everything: what you’re building, what you’re researching, what you’re worried about. It’s a map of your mind.
It's time to take them back.
Sanctuar is a local-first, zero-knowledge bookmark manager. It’s a browser extension plus a self-hosted API. Encryption and decryption happen on your device; the server stores only ciphertext. If your database leaks, it’s still useless without your password.
Sanctuar exists because that never sat right with me. I wanted bookmarks that work like Proton Pass: zero-knowledge, encrypted on my device, stored on my own server. No company between me and my data.
So I built it. And I’m sharing it because privacy shouldn’t be a premium feature. It should be the default.
Try Sanctuar. Host it yourself. Audit the code. Make it yours. If you have feedback, I’d love to hear it.
End-to-end encryption by design. Your encryption keys never leave your device.
Local-first by default. Run the API locally and keep your data on your own machine.
Complete control and independence, no vendor lock-in, no subscriptions.
Argon2id key derivation + XChaCha20-Poly1305 encryption. All crypto happens on your device.
Find anything instantly across titles, URLs, and notes. Decryption happens locally as you type.
Unlimited tags with custom colors, plus hierarchical collections with 1000+ icons.
Click the extension icon to instantly capture the current page with URL, title, and favicon.
Chrome/Firefox HTML and JSON. Folders become collections automatically.
HTML format with timestamps preserved. Collection hierarchy intact.
Reorder and reorganize collections with intuitive drag and drop.
Add encrypted, searchable notes to any bookmark.
Configurable timeout from 1 minute to 1 hour. Your vault locks automatically.
Pin important bookmarks to always appear first.
Select and manage multiple bookmarks at once.
6-digit PIN for quick access after auto-lock. 3 failed attempts triggers hard lock.
Keep sensitive links private within your vault with one click.
Combine text search with tags. Filter by pinned, hidden, or unsorted.
Switch between dark and light mode to match your preference.
Available now on Chrome and Firefox. Install in seconds, import your bookmarks, and take back control.
There’s no paid tier, no premium lockouts, and no telemetry.
Fork
it, audit it, modify it, and run it forever.
Yes. Encryption and decryption happen on your device. The API only stores encrypted blobs plus the data needed to authenticate. It never has access to your plaintext bookmarks, even if you host it yourself.
Your password is used to derive your encryption key. If you lose it, your data cannot be decrypted. There is no password recovery. This is a security feature, not a limitation. Consider using a password manager.
Sanctuar is designed for self-hosting. There is no hosted version and no plans for one. The point is that you control the server. If you want a managed service, Sanctuar probably isn’t the right fit (and that’s okay).
Chrome (and Chromium-based browsers like Edge, Brave, Arc) and Firefox. The extension is built with WXT for cross-browser compatibility.
Copy your sqlite.db file. Since it only contains
encrypted data, the backup is useless without your password. You
can also export bookmarks to standard HTML from within the
extension.
Yes. Import from Chrome or Firefox export files (HTML and JSON). Folder structures are automatically preserved as Collections.
Bun + Hono for the API, SQLite via Drizzle ORM for storage, and
a WXT + React browser extension. Default runs on
127.0.0.1:3500.