We can't read your data. By design.
Everything is encrypted on your device before it reaches our servers. We don't have your keys. We can't decrypt your data. Nobody can — except you.
We never see your data
All encryption and decryption happens in your browser. Our servers store only encrypted blobs they cannot read. Even our team has zero access to your content.
Your keys stay on your device
Encryption keys are derived from your PIN and a secret unique to your device. They are never transmitted to any server in any form.
Military-grade encryption
AES-256-GCM authenticated encryption with Argon2id key derivation (64 MB memory-hard). The same standards used by banks and governments.
How your vault is protected
From your PIN to encrypted storage — every step happens in your browser
You enter your PIN
A 6-digit PIN you choose. Combined with your device secret, it creates a unique master key.
Keys are derived locally
Argon2id (64 MB, 3 iterations) derives your encryption key. This is intentionally slow to prevent brute-force attacks.
Data is encrypted in your browser
AES-256-GCM encrypts your files, credentials, and notes before they leave your device. Each item has its own encryption key.
Only encrypted data is stored
Our servers receive and store encrypted blobs. Without your PIN and device secret, this data is meaningless.
Multi-device access
Your device secret is stored locally by default. You can optionally enable encrypted cloud backup for multi-device access — your secret is encrypted with your PIN before upload, and the backup server stores only an encrypted blob it cannot read.
How secure sharing works
Recipients don't need an account. The server never sees the decryption key.
You click Share
A unique 6-character access code is generated in your browser. The decryption key is derived from this code.
Content is re-encrypted
Your content is decrypted locally, then re-encrypted with a key derived from the access code (PBKDF2, 600,000 iterations).
Recipient enters the code
They open the link and type the 6-character code. Decryption happens entirely in their browser; the server never sees the code.
Link self-destructs
After expiration or max views, the encrypted data is permanently deleted. You can also revoke access instantly at any time.
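The re-encryption and recipient steps above can be sketched as follows. This is an added example, not the product's own code, and it uses Node's built-in crypto module rather than the browser API so it runs offline. Only the 600,000 PBKDF2 iterations and AES-256-GCM come from the page; the SHA-256 PRF, the salt and nonce sizes, the blob layout and all function names are assumptions.

```javascript
// Added example: access-code share flow (PBKDF2 -> AES-256-GCM). Not the product's code.
const nodeCrypto = require('node:crypto');

const PBKDF2_ITERATIONS = 600000; // stated on the page
const SALT_LEN = 16;              // assumption
const NONCE_LEN = 12;             // assumption: 96-bit GCM nonce
const TAG_LEN = 16;               // full-length GCM tag
const HEADER_LEN = SALT_LEN + NONCE_LEN + TAG_LEN;

// Derive a 256-bit key from the access code. The SHA-256 PRF is an assumption.
function deriveShareKey(accessCode, salt) {
  return nodeCrypto.pbkdf2Sync(accessCode, salt, PBKDF2_ITERATIONS, 32, 'sha256');
}

// Sender side: returns salt || nonce || tag || ciphertext (hypothetical layout).
// This blob is the only thing a server would ever store.
function encryptForShare(plaintext, accessCode) {
  const salt = nodeCrypto.randomBytes(SALT_LEN);   // fresh per share
  const nonce = nodeCrypto.randomBytes(NONCE_LEN); // fresh per encryption
  const key = deriveShareKey(accessCode, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce,
    { authTagLength: TAG_LEN });
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), ct]);
}

// Recipient side: returns the plaintext, or null when the code is wrong
// or the blob was modified (the GCM tag check fails in both cases).
function decryptShare(blob, accessCode) {
  if (blob.length < HEADER_LEN) return null; // truncated blob
  const salt = blob.subarray(0, SALT_LEN);
  const nonce = blob.subarray(SALT_LEN, SALT_LEN + NONCE_LEN);
  const tag = blob.subarray(SALT_LEN + NONCE_LEN, HEADER_LEN);
  const ct = blob.subarray(HEADER_LEN);
  const key = deriveShareKey(accessCode, salt);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, nonce,
    { authTagLength: TAG_LEN });
  decipher.setAuthTag(tag);
  try {
    return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // authentication failed: nothing is released
  }
}
```

The salt and nonce travel in the clear inside the blob, so confidentiality rests entirely on the access code and the PBKDF2 cost.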
What our servers can see
Spoiler: almost nothing useful
Technical specifications
For the engineers and security auditors
Open-source cryptography
Our encryption layer is open-source and available for review. We believe security should be verifiable, not just claimed. You can inspect every line of our cryptographic implementation.
Infrastructure & compliance
EU-hosted servers
All data stored on European servers (EU-West). Your data never leaves the EU.
GDPR compliant
We collect minimal data, encrypt everything, and you can delete your account and all data at any time.
SOC 2 infrastructure
Built on Supabase (SOC 2 Type II) and Cloudflare (SOC 2 Type II) infrastructure.
No third-party tracking
No ads, no data brokers, no selling your information. Your data is yours.
Regular security audits
We continuously audit our codebase for vulnerabilities and follow OWASP security guidelines.
Right to be forgotten
Delete your account and all encrypted data is permanently removed. No backups, no traces.