Frequently Asked Questions

🔒 How secure is my data?

All your data is stored locally on your device, encrypted with AES-256-GCM before it ever touches disk. Nothing is uploaded or shared. Your journal entries never leave your machine unless you choose to export them. The web app stores entries in your browser's IndexedDB — same encryption, no cloud.

📤 Can I export my journal?

Yes — export shipped in v0.6.0. You can export your entries as an encrypted .moodhaven backup file or as a plaintext file. Find it under Settings → Data Management.

📱 Will there be a mobile app?

The web app is available now at journal.moodhaven.app — it works on any device with a browser. A Wear OS companion for voice memos launched with v0.7.0, and LAN peer sync lets you keep multiple devices in sync without a cloud account.

💰 Is MoodHaven free?

The core journaling experience is free and always will be. A Pro tier for AI insights and future cloud features is planned — but local journaling, mood tracking, and all privacy features stay free.

🌱 What's the difference between Community and future versions?

The Community version is free, open-source, and entirely local. Future Pro features may include optional encrypted sync, advanced AI insights, and multi-device backup — but the core experience stays distraction-free and privacy-first.

🤝 How do I contribute?

We'd love your help! You can visit our GitHub repo, suggest features, report issues, or join the discussion on shaping the future of MoodHaven.

🔧 Technical Details

What encryption does MoodHaven use?

AES-256-GCM with PBKDF2 key derivation (600,000 iterations). Each entry has its own random 16-byte salt — compromising one entry's key doesn't expose others. Keys are derived from your password in memory and never stored anywhere.

Can I verify the source code?

Yes. MoodHaven is fully open source. View the repository on GitHub. The security model is documented in SECURITY.md.

How does AI work without sending my data?

AI features analyze anonymized metadata only: mood scores, sentiment categories, time-of-day patterns, and entry frequency. Your actual journal text is never sent to any external API. AI is opt-in and disabled by default.

What is peer sync and how secure is it?

Peer sync connects your devices over your local network using an Ed25519 device identity and AES-256-GCM encrypted transport. No cloud intermediary. A passive observer on your network sees only ciphertext. Architecture docs ↗

How do I install on Linux?

Download the .AppImage file from the Downloads page. Make it executable (chmod +x) and run it directly — no installation required.