zoebase
Get started
Doom-resilient. Privacy-Preserving. Portable.

Build encrypted, offline‑first apps without the lock‑in

The Firebase‑class developer experience you love, with end‑to‑end encryption, true data ownership, and the freedom to run anywhere.

Zoebase is our vision for an open‑source App SDK and relay backend built to be privacy-preserving, doom-resilient, and avoiding vendor lock‑in—for developer and their users.

Early stage: Zoebase is in active research and development. The APIs and features shown here represent our design goals, not current functionality.
See the vision Follow development Get involved

Built for developers who are tired of compromise

Firebase is convenient but locks you in. Self-hosting is flexible but has high operations cost. Encryption usually breaks features. Offline-first is hard to sync. It doesn't have to be this way.

❌ The old way

  • Data Silos : Your data trapped in proprietary systems with rising costs
  • Fragile offline: Apps break when connectivity drops
  • Privacy trade-offs: E2EE means bad UX, is hard to implement, and use
  • DIY hell: Build your own sync, crypto, quotas, and access control from scratch

✓ The Zoebase way

  • True ownership: Open source, self-host and sync anywhere
  • Privacy without compromise: E2EE that works with realtime sync and access control
  • Offline-first by design: CRDT-based message sync that handles flaky networks gracefully
  • Batteries included: Quotas, billing, observability built-in for your BaaS

Our design vision

Delightful APIs that feel natural, but are built on solid cryptography and distributed systems

These are design mockups showing our target API, not current implementation

Encrypted data, simple API Concept

How we envision create, update, and sync with automatic E2EE

// Initialize with your endpoint
let config = zoe::ClientConfig::new()
    // your server's public key, any number of DNS or IPs to find it under
    .endpoint(SERVER_PUBLIC_KEY, ["myhost.org", "10.10.0.1", "fallback.zoebase.org"])
    // restore encryption keys from system secret storage or create a fresh one and store it there
    .session_key("zoe-session");
// Your client is all ready, with local secrets, no email nor password necessary - nothing...
let client = config.build().await?;

Shared Containers

Groups of shared objects for collaboration in full end-to-end encryption.

// Get current groups
let (groups, _diffs, _poller) = client.groups_view()

Delightfully simple APIs

which manages the complexity of encryption

let update = GroupInfoUpdate::Name("Deep Space 9".to_owned())
client.update_group(group.group_id(), update).await?;

Internal State Machine & Reactive API

Managing the complexity of encryption

Built on proven foundations

Active Zoe Relay: Core sync and storage engine in Rust
Research E2EE primitives with access control patterns
Planned SDK layer with ergonomic APIs (Web, Mobile, Desktop)
Planned Multi-tenant quotas and usage metering

Everything you need, nothing you don't

🔒

Encrypt all'em things

Everything is encrypted by default. Zero-trust, zero‑permission: keys live with your users exclusively, not the server. Modern, post-quantum cryptography.

🔄

Offline‑first Snappiness

Client-side CRDT state machine with eventually consistent conflict resolution that don't need connectivity to work. Apps work everywhere, even on a plane, in a tunnel or within a LoRa network in the djungle.

🔮

Low-cost relays

Self-host anywhere in minutes: docker‑compose, coolify, YunoHost, bare metal, edge, or your laptop without any external relay at all

💳

Quotas & Billing

Quotas and usage metering built‑in on the relay. Usage-based cost sharing for operations with your users.

🛠️

Developer‑friendly SDKs

Delightful APIs for building your own applications, type‑safe, well‑documented, backed by Rust.

🛻

True Portability

Allow users to chose providers, even multiple at the same time for improved reliability and redundancy.

How Zoebase compares

The best parts of Firebase, Supabase, and Parse — without the compromises

Feature Zoebase Firebase Supabase Parse
Self-hostable
End-to-end encryption
Offline-first sync ⚠️ ⚠️
Realtime updates
Built-in quotas/billing
Multi-tenant by design ⚠️ ⚠️
Open source
Post-quantum crypto

⚠️ = Partial support or requires significant additional work

Built on battle-tested principles

Years of distributed systems research, distilled into a delightful developer experience

⚡ Realtime + CRDT‑style Merges

Low‑friction collaboration across devices and flaky networks. Automatic conflict resolution using CRDTs means your users never lose data, even when offline.

🛡️ Access Control at the Edge

Policy primitives that work with E2EE and without any relays enforcing them. Cryptographic capabilities for zero-trust sharing.

📊 Observability Without Compromise

Built‑in metrics, structured logs, and audit trails for compliance — all without touching user data. Monitor performance, track usage, debug issues while preserving privacy.

🌍 Portable by Design

No lock‑in. Export/import data easily, run locally for development, deploy to any cloud or on‑prem. Move providers or go hybrid without rewriting your app.

🧩 Extensible Architecture

SDK to develop your custom state management logic for your application.

🚀 Performance at Scale

Rust-powered server and SDK handles thousands of concurrent connections with minimal resources. Efficient binary protocol keeps bandwidth low even on mobile.

Built for real-world apps

From privacy-first collaboration tools to resilient field apps

🏥 Healthcare & Compliance

HIPAA-ready with E2EE by default. Audit logs and access controls for regulated industries. Deploy on-prem or in approved clouds.

HIPAA
GDPR
SOC 2

🌾 Field Operations

Work offline in disconnected locations. Sync among each other or when connectivity returns. Perfect for emergency response, field research or activism in restricted environments.

Offline-first
Mobile

💼 Collaboration Tools

Build the next Notion, Figma, or Linear with E2EE by default. Realtime collaboration without sacrificing privacy. Your users own their data, they don't have to trust you wwith it.

Realtime
E2EE

Early Access Program

Zoebase is in active development. Join our community to shape the future of privacy-first app development.

Simple, transparent pricing

Start free, scale when you're ready. No surprise bills.

Self‑host

Free /forever

Run on your infrastructure, keep all features

  • All the features
  • E2EE & offline‑first
  • Unlimited users & data
  • Community support
  • Full source code access
Deploy now
Coming Soon

Managed

$49 /month

We handle hosting, you build features

  • Everything in Self-host
  • Fully managed hosting
  • Automatic backups & updates
  • Built-in monitoring & alerts
  • Priority email support
  • 99.9% uptime SLA
Join waitlist

Enterprise

Custom

For teams with special requirements

  • Everything in Managed
  • Custom SLA & support
  • On‑prem or air‑gapped
  • Security & compliance reviews
  • Dedicated support engineer
  • Training & onboarding
Contact sales

Get involved

Help us build the future of privacy-first app development

🔍

Follow Development

Watch progress on the Zoe Relay foundation

View on GitHub
💡

Shape the Design

Join discussions on architecture and APIs

Join Discussions
🤝

Partner With Us

Interested in collaboration or early access?

Get in Touch

📚 Current Resources

Development

Research & Background

Updates

Frequently asked questions

How is Zoebase different from Firebase?

Zoebase gives you the Firebase-like developer experience (realtime sync, easy SDKs, built-in auth) but with end-to-end encryption, true data ownership, and the freedom to self-host. Unlike Firebase, you're never locked into Google's infrastructure or pricing model.

Can I really use E2EE with realtime sync and access control?

Yes! Zoebase uses cryptographic capabilities and zero-knowledge proofs to enforce access control at the server without the server ever seeing your plaintext data. The server validates encrypted operations and coordinates sync, but all encryption/decryption happens client-side.

What happens when my app goes offline?

Zoebase is offline-first by design. Your app continues to work normally, reading and writing to local storage. When connectivity returns, changes sync automatically with CRDT-based conflict resolution. Users never see "offline" errors.

Is Zoebase production-ready?

No. Zoebase is in early research and development. We're building the foundational pieces (Zoe Relay) and designing the API layer. The code samples and features shown on this site represent our design vision, not current functionality. Follow our GitHub for real progress updates.

How do quotas and billing work?

Zoebase has built-in multi-tenant quotas and usage metering. You can set limits per workspace/org on storage, API calls, and connections. The system tracks usage automatically and can enforce limits or trigger billing events, making it easy to build tiered SaaS plans.

Can I migrate from Firebase/Supabase to Zoebase?

While there's no automatic migration tool yet, Zoebase provides import/export utilities and the SDK is designed to minimize migration friction. We're building migration guides for common platforms. Reach out to discuss your specific needs.

What's the post-quantum cryptography story?

Zoebase uses modern, well-audited post-quantum cryptography (ML-KEM, KYBER, ML-DSA) today proving security even if quantum computers become a reality. This ensures that your data remains secure forever.

Who's behind Zoebase?

Zoebase is built by the team behind Acter, inspired by years of work on Matrix, Zoe, and other decentralized systems. We believe in open protocols, privacy by default, and giving developers and users true ownership of their data.

Help us build the future

Join us in creating a privacy-first, open alternative to Firebase and friends

Get in touch

Questions about Zoebase? Interested in partnerships? We'd love to hear from you.

ben [at] gnunicorn [dot] org GitHub