🛡️ Security and Privacy

Bloquinho was designed with security first. Your privacy is our top priority, with local storage, encryption of sensitive data, and total control over your information.

🔒 Security Principles

Bloquinho follows the highest security standards to protect your data:

Local First: All data is saved locally on your device
Encryption: Sensitive data is encrypted with secure algorithms
Total Control: You have complete control over your data
Open Source: Open source code auditable by anyone
No Telemetry: No data is sent to third parties

📊 Security Architecture

flowchart TD subgraph User U["👤 User"] end subgraph App["📱 Bloquinho App"] direction TB UI["🎨 Secure Interface"] Auth["🔐 Local Authentication"] Crypto["🔒 Encryption"] Storage["💾 Local Storage"] OAuth2["☁️ Secure OAuth2"] end subgraph Data Local["📁 Local Data\n(Encrypted)"] Cloud["☁️ Cloud (Optional)\n(Secure Tokens)"] Cache["🖼️ Avatar Cache\n(Secure Metadata)"] end subgraph Protection Secure["🛡️ FlutterSecureStorage"] Hive["📦 Hive (Local)"] Tokens["🔑 OAuth2 Tokens\n(Secure Storage)"] end U --> UI UI --> Auth UI --> Crypto UI --> Storage UI --> OAuth2 Auth --> Local Crypto --> Secure Storage --> Hive OAuth2 --> Tokens Tokens --> Cloud Local --> Cache Secure --> Local Hive --> Local classDef secure fill:#d4edda,stroke:#28a745,stroke-width:2px; class Auth,Crypto,Secure,Tokens secure;

💾 Secure Local Storage

Your data always stays on your device:

FlutterSecureStorage: Encrypted sensitive data
Hive Database: Fast and reliable local storage
Local Folder: Organized structure on your device
Manual Backup: Total control over backups
No Internet: Works completely offline

🔐 Data Encryption

Advanced protection for sensitive information:

OAuth2 Tokens: Stored with AES encryption
Passwords: Encrypted before storage
Metadata: Protected cache information
Profile: Encrypted personal data
Secure Keys: Automatic key management

☁️ Secure and Persistent OAuth2

Bloquinho's OAuth2 system was designed for maximum security and convenience:

🔑 Secure Tokens

Access tokens are stored using FlutterSecureStorage, which uses Keychain on iOS/macOS and Keystore on Android. Tokens are encrypted and never exposed in plain text.

✅ Encrypted ✅ Auto Renewal ✅ Single Login

🔄 Smart Persistence

The system automatically restores valid sessions on startup, testing token validity and automatically removing expired tokens. You log in once and stay connected.

✅ Auto Restoration ✅ Token Validation ✅ Auto Cleanup

🛡️ Debug and Monitoring

Complete logging system to track OAuth2 operations, allowing problem diagnosis and ensuring total transparency about what happens with your credentials.

✅ Detailed Logs ✅ Transparency ✅ Diagnosis

🖼️ Secure Avatar Cache

The avatar cache system ensures that your profile photos are downloaded and stored securely:

Dedicated Folder: Avatars saved in isolated folder
Unique Names: MD5 hash to avoid conflicts
Secure Metadata: Encrypted cache information
Auto Cleanup: Old files removed after 7 days
Robust Fallback: Initials when no photo available

🚀 Security Flow

Secure Initialization

App starts with verification of saved tokens and integrity validation

Session Restoration

OAuth2 tokens are restored and tested automatically

Data Validation

System verifies integrity of local data and encryption

Smart Cache

Avatars are downloaded and stored with secure metadata

Secure Interface

User accesses data with total privacy and control

🔒 Your Privacy is Our Priority

Bloquinho was created to give you total control over your data. No information is sent to external servers without your explicit permission. Your data stays on your device, under your control.

🛡️ Security Features

Mathematical Protection: Validation against division by zero and invalid values
Error Handling: Automatic recovery from invalid states
Debug System: Detailed logs for diagnosis
Lifecycle Management: Complete control over data lifecycle
User Feedback: Visual feedback for security operations

🔍 Total Transparency

Open Source: All code is auditable
Detailed Logs: Complete operation tracking
No Telemetry: No data sent without permission
Data Control: Export, import, delete when you want
Documentation: Complete security guides

🌟 Commitment to Security

Bloquinho represents a new standard in productivity applications, where privacy and security are not optional, but fundamental. Every line of code was written thinking about protecting your data and your total control over information.

🔒 100% Local 🔐 Encrypted 📱 Offline 🌐 Open Source 🛡️ Secure