Offline Encryption + Decentralized IPFS Storage
Your privacy, no servers, no third parties. Offline Recovery Kit forever.
Start Encrypting NowOffline encryption, also known as client-side encryption, is a revolutionary security paradigm where the entire process of encrypting and decrypting data occurs exclusively on your local device. Your unencrypted data never travels through the internet, is stored on external servers, or passes through third parties.
Imagine you have a personal diary with your most valuable secrets. Traditional encryption (server-side) would be like sending your diary by mail to a security company. You have to trust that they won't read it, won't lose it, and will protect it correctly. Offline encryption is like having your own reinforced safe at home. You are the only one with the key, and the diary never leaves your room.
In the world of cryptocurrency, this distinction is critical. Your seed phrases are the master key to all your digital funds. If someone obtains your seed phrase, they can access all your crypto assets. That's why trusting external servers to protect this information is extremely risky.
| Feature | Local Encryption (Offline) | Server Encryption |
|---|---|---|
| Encryption Location | On your device (browser) | On company servers |
| Key Control | You have complete control | Company manages keys |
| Data Exposure | Unencrypted data never leaves your device | Data travels unprotected before encryption |
| Trust Required | Zero-Trust | Complete trust in provider |
| Breach Risk | Minimal - data already encrypted | Critical - access to unencrypted data |
| Password Recovery | Impossible (maximum security) | Possible (compromises security) |
Vault uses the most modern and trusted cryptographic algorithms in the world. Each component has been specifically selected for maximum security.
Winner of the Password Hashing Competition (2015)
Argon2id is the gold standard in key derivation. It uses a combination of GPU and ASIC attack resistance, with adjustable parameters that adapt to technological advances. It requires significant memory (RAM), making brute-force attacks computationally prohibitive.
Next-Generation Stream Cipher
XChaCha20 is an extremely fast and secure stream cipher with a 192-bit nonce. Poly1305 is a message authenticator that guarantees integrity and authenticity. The combination provides confidentiality, integrity, and authenticity in one step, considered one of the gold standards in modern cryptography.
Absolute Privacy
All encryption happens in your browser. Your data never leaves your device. No server connections, no intermediaries, no logs. Your privacy is guaranteed by the laws of mathematics, not by company promises.
Share Without Risk
Share QR codes publicly without concern. Without the correct password, they're just random useless data. Perfect for sharing encrypted information over public or insecure channels.
Argon2id won the Password Hashing Competition in 2015 for a reason: it is fundamentally superior to other algorithms. Its design addresses critical security problems that affect older algorithms.
XChaCha20: An extremely fast and secure stream cipher with a 192-bit nonce. This is critical because it drastically reduces the possibility of nonce reuse, a common problem in stream ciphers. Designed by Daniel J. Bernstein, it's used by Google, Apple, and other security leaders.
Poly1305: A message authenticator that ensures data has not been modified. It works alongside XChaCha20 to provide authenticated encryption (AEAD - Authenticated Encryption with Associated Data).
The XChaCha20-Poly1305 combination provides:
The process is simple but powerful. Designed to be intuitive without sacrificing security.
Enter the text you want to protect: 12 or 24-word seed phrases, exchange credentials, private keys, confidential notes, or any sensitive data. Vault has no size limit.
Create a robust password. Vault will use Argon2id to securely derive the encryption key. The stronger your password, the more secure your encryption. Minimum 16 characters with uppercase, lowercase, numbers, and symbols recommended.
Everything happens in your browser. XChaCha20-Poly1305 encrypts your data with maximum security. The process is instantaneous. Your data never leaves your device.
Share the generated QR code publicly without risk. Without the correct password, it's just useless encrypted data. Perfect for sharing over public or insecure channels.
Vault revolutionizes how you protect your secrets by combining military-grade encryption with distributed storage on IPFS (InterPlanetary File System).
IPFS is a decentralized storage network where files are distributed across thousands of nodes worldwide. Unlike centralized services like Google Drive or Dropbox, no single entity controls IPFS.
Vault encrypts your data in your browser with Argon2id + XChaCha20-Poly1305 BEFORE uploading to IPFS. What's stored on the network is just useless encrypted bytes without your password.
Once on IPFS, your encrypted files are available from anywhere in the world, without depending on any specific company or server. If one node fails, others continue serving your file.
No one can delete, modify, or censor your files on IPFS. Not governments, not companies, not third parties. True censorship resistance.
Download the Recovery Kit: a command-line tool built in Node.js available on GitHub. Allows you to decrypt your secrets offline without depending on servers.
Enter your secret (seed phrase, passwords, etc.) and a strong password. Vault encrypts EVERYTHING locally using Argon2id + XChaCha20-Poly1305.
You can upload the encrypted file to IPFS. A unique CID (Content Identifier) is generated: an immutable fingerprint of your file.
The CID is public and can be shared freely. Without your password, the file is useless. You can save the CID on paper, email, social media, wherever you want.
From any device with internet, open Vault, enter the CID, download from IPFS, enter your password and recover your secret. Or use the Recovery Kit command-line tool for offline decryption.
| Feature | Vault + IPFS | Cloud Services |
|---|---|---|
| Total Control | ✅ You are the absolute custodian | ❌ Company has access |
| Privacy | ✅ Data encrypted before upload | ❌ Data visible to provider |
| Availability | ✅ Global decentralized network | ❌ Depends on centralized servers |
| Censorship | ✅ Impossible to censor | ❌ Can block your account |
| Cost | ✅ Free (public IPFS) | ❌ Monthly subscriptions |
| Offline Backup | ✅ Command-line Recovery Kit (Node.js) | ❌ Requires server connection |
The Recovery Kit is an open-source tool that makes Vault unique:
With the Recovery Kit, you'll always be the custodian of your secrets. You don't depend on Vault online, you don't depend on IPFS, you don't depend on anyone. You only need Node.js and your password.
Vault is designed to protect the most valuable information in the digital world.
Protect your seed phrases (seed phrases) for Bitcoin, Ethereum, and other cryptocurrencies. Without encryption, unauthorized access means total and irrecoverable loss of all your funds. Vault ensures only you can access this critical information.
Store cryptocurrency exchange credentials, email passwords, API keys, and authentication tokens securely. Much safer than cloud-based password managers that require trusting third parties.
Save sensitive information: bank account numbers, personal data, confidential business information, legal documents. Military-grade encryption for your most valuable secrets.
Encrypt the content of important documents before sharing them over insecure channels. Perfect for professionals, lawyers, accountants, and entrepreneurs who handle sensitive information.
Your data will be unrecoverable. Vault has no "password recovery" system because that would imply we have access to your keys. This is maximum security. That's why it's critical to keep your password in a safe place. Consider using a password manager to store it securely.
Yes, Vault's source code is available on GitHub for community audit. We believe transparency is a fundamental pillar of security. Anyone can review the code, verify there are no backdoors, and contribute improvements.
Yes, Vault's interface is completely responsive and works perfectly on any device with a modern browser: smartphones, tablets, laptops, desktops. The experience is optimized for each screen size.
The Recovery Kit is a command-line tool built in Node.js. It allows you to decrypt your data on any computer with Node.js installed, anytime, without internet connection or online services. It's open source and auditable on GitHub.
You can inspect the source code in your browser (F12). You'll see exactly what's happening. Additionally, the code is available on GitHub for independent audit. The cryptography we use (Argon2id + XChaCha20-Poly1305) is industry standard, used by Google, Apple, and security agencies.
Even if there were a breach, your data is protected by military-grade cryptography. Attackers would only get encrypted data with no value. Without your password, it's computationally impossible to decrypt it with current technology.
Offline encryption + Decentralized IPFS + Offline Recovery Kit. You are the only custodian.
Protect My Secrets Now