← Back to Home
🔐 Zero-Knowledge Architecture
With FatCat's BYOB (Bring Your Own Bucket) mode, your files are uploaded directly to your own cloud storage. Our servers never see, store, or access your file content — by design.
How It Works
In BYOB mode, the FatCat desktop application connects directly to your S3-compatible storage provider. The upload path bypasses FatCat servers entirely for file content.
👤 Your Computer
FatCat Desktop App
→
☁️ Your Cloud Storage
R2 / B2 / S3 / MinIO
↑ File content: encrypted, direct upload (TLS 1.3) — never touches FatCat ↑
🚫 Zero-Knowledge Boundary
👤 Your Computer
→
⚡ FatCat API
Metadata only
↑ Only metadata passes through FatCat: filenames, sizes, timestamps, download links ↑
What FatCat Sees vs. What It Doesn't
📋 What FatCat sees (metadata)
- File name
- File size
- Upload timestamp
- Transfer status
- Download link (generated)
- Your email (for auth)
🚫 What FatCat NEVER sees
- File content (bytes)
- Your storage credentials
- Your encryption keys
- Your bucket configuration
- Your cloud provider password
- Other files in your bucket
Standard vs. BYOB Mode
☁️ Standard Plan
Files stored on FatCat-managed Cloudflare R2 storage.
- Encrypted at rest (AES-256)
- Encrypted in transit (TLS 1.3)
- Auto-expiration (7–30 days)
- No setup required
Best for: Freelancers and small teams who want simplicity.
🔐 BYOB Plan (Zero-Knowledge)
Files uploaded directly to your storage.
- Your encryption keys
- Your retention policies
- Your compliance controls
- Full audit trail via your provider
Best for: Enterprises, regulated industries, and teams with strict data sovereignty requirements.
Supported Storage Providers
BYOB mode works with any S3-compatible storage:
- Cloudflare R2 — No egress fees, global distribution
- Backblaze B2 — Lowest cost per TB
- AWS S3 — Enterprise-grade, any region
- MinIO — Self-hosted, on-premises
- Any S3-compatible — Wasabi, DigitalOcean Spaces, etc.
Our Zero-Knowledge Guarantee
In BYOB mode, FatCat operates under a strict zero-knowledge principle:
- Your storage credentials are stored only on your device, never transmitted to our servers
- The FatCat desktop app (built with Rust) handles uploads locally using your credentials
- We cannot access, read, copy, or modify your files — even if compelled by a legal order
- If FatCat's servers were compromised, no file content would be exposed — only metadata
- You can verify this claim: our desktop app is built with Tauri and the upload flow is inspectable via network monitoring tools
Technical Details
Authentication Flow
Your BYOB credentials (access key + secret key) are stored in the FatCat desktop app's local encrypted config file. They are used directly by the Rust upload engine to authenticate with your storage provider. These credentials never leave your machine.
Upload Flow
- Step 1: You select files in the FatCat desktop app
- Step 2: The app chunks the file and initiates a multipart upload directly to your bucket
- Step 3: Upload progress is tracked locally and synced as metadata to the FatCat API
- Step 4: A shareable download link is generated (pointing to your storage)
- Step 5: The recipient downloads directly from your storage — FatCat is not in the path
Encryption
- In transit: TLS 1.3 between your app and your storage provider
- At rest: Managed by your storage provider (AES-256 by default on R2/B2/S3)
- Optional: Client-side encryption before upload (your key, your algorithm)
Frequently Asked Questions
Can FatCat read my files?
No. In BYOB mode, file content never passes through FatCat servers. We only handle metadata (filenames, sizes, timestamps) to coordinate the transfer UI and generate download links.
What happens if FatCat is hacked?
An attacker would only find metadata (filenames, sizes, user emails). No file content is stored on our infrastructure in BYOB mode. Your files remain safe in your own bucket.
Can I verify the zero-knowledge claim?
Yes. Use network monitoring tools (e.g., Wireshark, Charles Proxy) to verify that file uploads go directly to your storage endpoint, not to FatCat's API. The desktop app's network traffic is fully inspectable.
Is BYOB mode more expensive?
You pay for your own storage costs (typically $5-15/TB/month depending on provider) plus the FatCat Studio or BYOB plan. There are no per-GB transfer fees from FatCat.
Does BYOB work with on-premises storage?
Yes. If you run MinIO or any S3-compatible storage on your own servers, FatCat BYOB connects to it. Your data never leaves your network.
Questions? Contact our sales team to learn more about BYOB.
Last updated: April 2026