I Built a Privacy-First Note-Taking App with Flutter — Here's What I Learned

Published: 6 days ago (January 9, 2026 at 11:39 AM EST)

4 min read

Source: Dev.to

🔗 Links

Google Play Store –
GitHub (Open Source) –

Why Another Note‑Taking App?

I know what you’re thinking — the world doesn’t need another notes app. But here’s the thing: most note apps either sacrifice privacy for features or sacrifice features for privacy. I wanted both.

The goals were simple

End‑to‑end encryption that actually works
Beautiful, modern UI (not just functional)
Multiple note types beyond just text
Cloud sync without compromising privacy
A sustainable freemium model

The Tech Stack

Core Framework

Flutter 3.6+ – Cross‑platform goodness
Dart – Modern, type‑safe language
Material 3 – Latest Material Design guidelines

Local Database

Drift 2.24 – Type‑safe SQLite with reactive queries (a game‑changer for real‑time updates)

Security

AES‑256 Encryption – Using the encrypt package
Flutter Secure Storage – Secure key management
Local Auth – Biometric authentication (fingerprint/Face ID)

State Management & Architecture

Riverpod 3.0 – Modern reactive state management
Go Router – Declarative navigation
GetIt – Dependency injection

Cloud & Backend

Firebase Authentication – Google Sign‑In
Custom FastAPI Backend – Cloud sync and usage tracking

Features I’m Most Proud Of

1. Multiple Note Types

Not just plain text. Pinpoint supports:

Rich‑text notes with formatting
Audio recordings with playback controls
Todo lists with real‑time auto‑save
Reminders with timezone‑aware notifications

2. The Glassmorphism UI

I spent way too much time on this, but the frosted‑glass effects throughout the app just feel right. Combined with five accent‑color themes (Mint, Iris, Rose, Amber, Ocean) and smooth animations, it’s genuinely pleasant to use.

// Example: Glassmorphism container
Container(
  decoration: BoxDecoration(
    color: Colors.white.withOpacity(0.1),
    borderRadius: BorderRadius.circular(24),
    border: Border.all(color: Colors.white.withOpacity(0.2)),
  ),
  child: BackdropFilter(
    filter: ImageFilter.blur(sigmaX: 10, sigmaY: 10),
    child: /* content */,
  ),
);

3. Real End‑to‑End Encryption

Notes are encrypted on‑device before they ever leave your phone. The encryption key is derived from your master password and stored securely — I never see your notes.

4. OCR & Voice Transcription

Using Google ML Kit, you can extract text from images. Speech‑to‑text lets you quickly dictate notes when typing isn’t convenient.

5. The Freemium Model

A fair usage‑based model:

Feature	Free	Premium
Synced Notes	50	Unlimited
OCR Scans	20 /month	Unlimited
Exports	10 /month	Unlimited
Voice Recording	2 min	Unlimited
Folders	5	Unlimited

Usage is tracked both locally and on the backend to prevent bypassing limits.

Architecture Decisions

Clean Architecture with Service Layer

A service‑based architecture keeps business logic separate from UI:

lib/
├── screens/           # UI screens
├── components/        # Reusable UI components
├── services/          # Business logic layer
├── database/          # Drift database
├── entities/          # Database tables
├── design_system/     # Colors, typography, theme
└── navigation/        # Go Router config

Database Schema (Drift)

The schema supports many‑to‑many folder relationships:

# Simplified schema
tables:
  - notes:
      columns: [id, title, content, type, encryption, timestamps]
  - note_folders:
      columns: [id, title]
  - note_folder_relations:
      columns: [note_id, folder_id]
  - note_todo_items:
      columns: [id, note_id, title, is_done]
  - note_attachments:
      columns: [id, note_id, file_path, type]

Stream‑Based Reactivity

Drift’s watch queries make real‑time updates trivial:

Stream<List<Note>> watchAllNotes() {
  return (select(notes)
    ..orderBy([(t) => OrderingTerm.desc(t.updatedAt)]))
    .watch();
}

Challenges I Faced

Google Play Billing Integration – Setting up in‑app subscriptions was painful. Between base plans, offers, and tags, I spent a solid week just understanding the terminology. Pro tip: read Google’s docs three times before you start coding.
Cloud Sync Conflicts – When the same note is edited on two devices offline, which version wins? I implemented a “last write wins” strategy with timestamps, but this is still an area I want to improve.
Todo List Auto‑Save – Getting todo items to auto‑save without losing the user’s cursor position or creating race conditions was trickier than expected. I ended up using debouncing with temporary IDs for unsaved items.

What’s Next?

Collaboration – Share notes with others
Tags System – Beyond just folders
Markdown Editor – Full markdown support
iOS Release – App Store deployment
Web Clipper – Save content directly from the browser

Try It Out!

If you’re looking for a note‑taking app that respects your privacy without compromising on features, give Pinpoint a try:

📱 Download on Google Play
💻 View Source on GitHub

Pinpoint

The app is open source, so feel free to poke around the code, open issues, or contribute. I’d love to hear your feedback!

Wrapping Up

Building Pinpoint taught me a lot about Flutter, encryption, cloud architecture, and what it takes to ship a real product. If you’re thinking about building your own app, my advice is simple: just start. The learning happens in the doing.

Thanks for reading! Drop a comment if you have questions about the implementation or want me to dive deeper into any specific part.

Tags: #flutter #dart #mobile #opensource #privacy