How I Implemented a Local-First, E2EE Architecture with Sync in My App

Building a note-taking app is almost a rite of passage for developers. There are already plenty of great options out there, so when I started working on Annota, I wanted to challenge myself with a different set of problems: building something local-first, fully offline-capable, and encrypted by default.

The result is Annota, a security-focused note-taking app with dedicated desktop applications built using Tauri (macOS and Windows) and mobile apps built with React Native + Expo (iOS today, Android coming soon).

One thing I cared about from the beginning was keeping the architecture maintainable as the project grows. The app is split into isolated packages with clear responsibilities—for example, the editor and synchronization engine live independently from each other, making it easier to evolve each system without creating tight coupling.

Over the last few weeks, I documented some of the core architectural decisions behind Annota. Here's a high-level look at three of the biggest challenges I tackled.

For a privacy-focused application, I wanted the server to know as little as possible about user data.