How it is built
Architecture Overview
A high-level map of the Keeplas codebase: a Turborepo monorepo with a Next.js app, a Convex backend, and an isolated, restricted crypto package.
Monorepo layout
Keeplas is a pnpm + Turborepo monorepo. The deployed surface is a single Next.js app; everything sensitive is isolated in its own package.
- check_circleapps/web -- Next.js 16 App Router app (the only deployed surface)
- check_circlepackages/convex -- Convex schema, queries, mutations, actions, crons
- check_circlepackages/crypto -- zero-knowledge primitives (RESTRICTED, CODEOWNER-gated)
- check_circlepackages/ui -- shared shadcn / Radix design system
The crypto boundary
Everything in packages/crypto runs in the browser only. Convex never sees your 24-word recovery phrase, your master key, or raw Shamir shards. The server stores only AES-256-GCM ciphertext, ML-KEM-768-wrapped keys, and ML-KEM-768-wrapped shards. The threat model: even a fully compromised backend cannot read user content.
The audit envelope
Every mutation that touches your vault carries a signed audit envelope. The Next.js middleware HMACs the request context (IP, country) with a shared secret; Convex re-verifies it and appends a hash-chained, tamper-evident entry to the audit log.
Authentication
Auth is passwordless, built on Convex Auth: email and WhatsApp one-time codes, with optional passkeys (WebAuthn) and TOTP. Per-device unlock uses a PIN, biometric, or hardware key. There is no password to leak or reset.
Read the source
The full architecture and cryptographic protocol live in the repo docs.