Resume256 is a fully functional resume builder designed with privacy as a primary constraint.
Resume content is encrypted in the browser before it is stored. The server persists encrypted data and metadata, but does not require routine access to raw resume content.
The project is designed to be self-hosted, auditable, and adaptable, without relying on opaque third-party resume platforms.
Resumes routinely contain sensitive personal and career-related information. In many online resume builders, this data is uploaded and stored in raw form, placing long-term trust in a service operator and its infrastructure.
Resume256 exists to make a different default viable:
- Resume content is encrypted client-side before storage
- The backend stores ciphertext rather than readable resume data
- Sharing and PDF export are implemented without turning the server into a permanent raw data processor
Privacy is treated as a system-level design constraint, not as an optional feature.
- Full resume builder (create, edit, delete)
- Resume versioning
- Template-based rendering (20+ templates)
- Real-time preview and layout customization
- Automated WCAG color contrast validation for template themes
- Profile photo upload with drag-and-drop support
- Client-side encryption using Web Crypto (AES-256-GCM)
- Web Worker-based cryptography for non-blocking operations
- Zero-knowledge-style storage of resume content
- Key derivation using PBKDF2
- Local encryption key management interface
- Public share links with controlled access
- PDF export pipeline using Puppeteer
- Structured editing with section reordering
- Sortable experience, education, and project sections
- Typography customization via Google Fonts
- Template previews with demo data
- Progress indicators during resume creation
- Built-in user feedback system
- Self-hostable Next.js (App Router) architecture
- Deployed on Vercel with serverless functions
- PostgreSQL-backed persistence via Neon
- Rate-limited public endpoints
- Authentication via Stack Auth
- Email notifications via Resend
- Optional analytics integration
- Alpha access and waitlist support
Want to run Resume256 locally or contribute? See CONTRIBUTING.md for setup instructions.
Quick start:
# Fork the repository first, then clone your fork:
git clone https://github.com/YOUR-USERNAME/resume256.git
cd resume256
npm install
cp .env.example .env.local # See CONTRIBUTING.md for environment setup
npm run devResume256 is deployed on Vercel with the following stack:
- Hosting: Vercel (Next.js App Router with serverless functions)
- Database: Neon PostgreSQL
- Authentication: Stack Auth
- Email: Resend
- Rate Limiting: Upstash Redis
You can deploy your own instance of Resume256 to Vercel:
After deployment, you'll need to configure the environment variables listed in .env.example.
If you find this project useful, please consider giving it a star! β
This project is licensed under the MIT License - see the LICENSE file for details.