Zero-knowledge medical records: what it means, and what Cellar does instead

Updated June 2026


Zero-knowledge means the company that holds your records keeps no key to read them, not even to help you. Cellar is not built that way, and we say so plainly. We could be: we know how to lock ourselves out entirely. We chose not to, for two honest reasons. A key only you hold means that if you lose it, your medical history is gone for good. And Cellar could no longer read and organize your records, which is the help you came for. Instead, Cellar encrypts every record, reads it only to organize it for you under binding no-training terms, never sells your data or builds a profile to sell, and lets you export everything or erase it permanently in one step, anytime. Strong protection you control, without a lock that can trap you.

What zero-knowledge means

In a zero-knowledge design, your records are encrypted with a key only you hold. The company storing them keeps no copy of it, so it cannot read your data, and neither can anyone who breaks in or buys the company. It sounds like the strongest promise a vault can make, and in one narrow way it is.

It also carries a cost that is rarely said out loud. If you lose your key, no one can recover your records, including the company. For a password or a note, that is an inconvenience. For your medical history, the one record you usually cannot rebuild from memory or paper, it can be a permanent loss at the worst possible time.

We could build it that way. We chose not to, on purpose.

We know how to make Cellar zero-knowledge, and it is built so a sealed, key-only-you mode could be added later. We deliberately decided not to make it the way Cellar works, because both costs are real: you could lose your records for good, and Cellar could not read and organize them for you, which is the entire reason to use it rather than a folder of files.

So instead of a lock that can trap you, we built protection you can rely on and still control. Here is exactly what that means.

What Cellar does instead

Every document, and every detail Cellar reads from it, is encrypted at rest, with a separate key for each record. Your name, date of birth, and biological sex, if you add them, are encrypted the same way. Only minimal ordering details, such as dates and categories, are kept in plain text, so your timeline can be sorted.

To organize a document, Cellar decrypts it briefly in your assigned region and sends it to a third-party AI model under binding no-training terms, then stores it encrypted again. We never use your records to train AI. You can turn AI reading off at any time, and Cellar still stores your documents without reading them.

No one on our staff has a path to your records. The only systems that ever handle the readable contents are the pipeline that reads a document you added, your own signed-in requests, and a read-only link you choose to share with a clinician.

Your records are not the product

Cellar makes money one way: a subscription you pay for. We never sell your data, we run no advertising, and we keep no analytics or trackers of any kind. There is no profile of you assembled here, and no dataset about you for anyone to buy, now or later.

The thing that turns a health company's customers into an asset to be sold simply does not exist at Cellar. That is a deliberate design choice, not a phase.

If Cellar is ever sold, or goes away, your records stay yours

People have watched a health-data company collect data, suffer a breach, and later enter bankruptcy, with its database of customer information becoming part of what was up for sale. It is a fair thing to worry about with any company you trust with your health.

Cellar is built so your records cannot be caught in that position. You can export everything, your original files plus the structured record Cellar built, in one step at any time, and you can erase your account permanently whenever you want, which destroys the key and makes every record cryptographically irrecoverable. Our standing commitment is plain: we do not sell your data. And because you can take everything and erase it at any moment, you are never dependent on who owns Cellar, or on Cellar continuing to exist, to keep your records.
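As an added illustration (not Cellar's code, and not a description of its internals beyond what this page states), the following models the layout just described: one random data key per record, each stored only wrapped under an account key, and an erase step that destroys the account key so every record becomes cryptographically irrecoverable. It assumes AES-256-GCM for both layers, Go 1.24 or later, and an in-memory store; the document text in the test is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// Record: one document under its own data key (DEK), stored only wrapped under the account key (KEK).
type Record struct{ WrappedDEK, Ciphertext []byte }
// Account holds the KEK that wraps every per-record DEK; it is nil once erased.
type Account struct{ kek []byte }
func NewAccount() *Account { return &Account{kek: randomBytes(32)} }
func randomBytes(n int) []byte {
	b := make([]byte, n)
	rand.Read(b) // guaranteed not to fail since Go 1.24
	return b
}
// seal returns nonce||AES-256-GCM(key, data) with a fresh random nonce.
func seal(key, data []byte) []byte {
	block, _ := aes.NewCipher(key) // keys are 32 bytes by construction
	g, _ := cipher.NewGCM(block)
	nonce := randomBytes(g.NonceSize())
	return g.Seal(nonce, nonce, data, nil)
}
// open reverses seal; an erased (nil) or wrong key, or a tampered blob, is an error.
func open(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(blob) < 12 { // 12 = standard GCM nonce size
		return nil, errors.New("unusable key or malformed ciphertext")
	}
	g, _ := cipher.NewGCM(block)
	return g.Open(nil, blob[:12], blob[12:], nil)
}
// AddRecord: fresh DEK per document, DEK wrapped under the KEK.
func (a *Account) AddRecord(doc []byte) *Record {
	dek := randomBytes(32)
	return &Record{WrappedDEK: seal(a.kek, dek), Ciphertext: seal(dek, doc)}
}
// ReadRecord unwraps the DEK with the KEK, then decrypts the document.
func (a *Account) ReadRecord(r *Record) ([]byte, error) {
	dek, err := open(a.kek, r.WrappedDEK)
	if err != nil {
		return nil, err
	}
	return open(dek, r.Ciphertext)
}
// Erase is crypto-shredding: zero and drop the KEK, so no wrapped DEK can ever be unwrapped again.
func (a *Account) Erase() { clear(a.kek); a.kek = nil }
```

Erase is terminal in this model: once the KEK is gone the stored ciphertexts are inert bytes, and AddRecord must not be called on an erased account.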

Where we are going

We are moving processing into confidential computing, so that even while a document is being read, its contents cannot be observed, by us or by the model's host. The system is already built behind a single interface, so this becomes a swap rather than a rewrite. We will describe it precisely when it ships, and not before.

Common questions

Can Cellar read my medical records?

Yes, briefly, and only to organize them for you. To read a document, Cellar decrypts it transiently in your assigned region and sends it to a third-party AI model under binding no-training terms, then stores it encrypted again. No one on our staff can browse your records, and you can turn AI reading off at any time, in which case Cellar stores your documents without reading them. We call this compliant processing, not an architecture where we are technically incapable of access, because that is the truth.

Is Cellar zero-knowledge or end-to-end encrypted?

No, and we describe this precisely rather than reaching for those labels. A document is decrypted only briefly, so it can be read, then handled under the encryption and access controls above. We could build a sealed, key-only-you mode, and may add one, but we did not make it the default, because losing your key would mean losing your records for good, and Cellar could not organize them for you.

Could my records be sold if Cellar is acquired or shuts down?

Cellar is built so your records cannot be caught up in that. We make money from a subscription, not from your data: we never sell it, run no ads, and keep no analytics, so there is no dataset about you for anyone to buy. And you can export everything in one step at any time, or erase it permanently whenever you want, so you are never dependent on who owns Cellar, or on Cellar continuing to exist.

What happened with 23andMe, and could that happen with Cellar?

After a well-known DNA-testing company was breached and later entered bankruptcy, its database of customer data became part of what was up for sale, which left many people worried about what a health company can do with their information. Cellar is built differently in the ways that matter here: there is no profile or dataset about you assembled to be sold, every record is encrypted with its own key, and you can take everything and delete it permanently at any time. Your records stay yours and portable, independent of Cellar's future.

Do you sell my data, show ads, or use my records to train AI?

Never. Cellar runs no advertising, sells nothing about you, and uses no analytics or third-party trackers. Documents are read under binding no-training terms, and we never use your records to train or improve any AI model.

What happens to my records if I stop paying or want to leave?

Viewing your records is never paywalled. If a subscription lapses, your account stays fully usable for a grace period, then becomes read-only, and you can still open and export everything. You can export your full record, originals plus the structured data, in one tap anytime, and deletion is permanent and irreversible by design.

Bring your records into one place

Cellar reads your labs, scans, and visit notes into one private, source-linked timeline you can search and share with any doctor. Encrypted, and never used to train AI.
