Vault
The vault is the encrypted storage layer where every item in Keeplas lives. Your most sensitive documents, credentials, and assets are encrypted on your device with AES-256-GCM before they ever reach our servers. Keeplas only ever holds ciphertext it cannot read.
How encryption works
Each item is sealed with a unique per-item key using AES-256-GCM. That key is wrapped with your master key, which is derived locally from your 24-word recovery phrase via Argon2id — a memory-hard KDF that makes offline brute-force attacks expensive.
The server never sees the phrase, never sees the master key, and never sees an item's per-item key in cleartext. Even a full server breach exposes only encrypted blobs, plus the request metadata listed under "What the server cannot see" below.
What goes in the vault
Eight categories cover the surface area of a real life:
- Personal — government IDs, residency papers, family documents
- Financial — bank accounts, brokerage, retirement, crypto wallets, recovery codes
- Legal — wills, deeds, contracts, powers of attorney
- Health — emergency contacts, medical history, allergies, current prescriptions
- Business — corporate documents, subscriptions, vendor logins
- Digital — domain registrars, hosting, cloud accounts, social profiles
- Credentials — username/password, TOTP secrets, passkey backups
- Messages — notes and recorded messages for specific people
Items can carry attachments (PDFs, images, scans), structured fields, and rich text. Search runs entirely client-side over the decrypted index.
How the vault works
- You add an item. Upload a document, store a credential, or write a note. It can carry files, links, and rich text.
- It is encrypted locally. The item is sealed with a unique key on your device with AES-256-GCM before any upload.
- The server stores ciphertext. Keeplas (or your self-hosted Convex backend) only ever sees the encrypted blob.
- Only you decrypt. When you open the item, decryption happens in your browser, with a key derived from your 24-word phrase.
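The key hierarchy from "How encryption works" and the four steps above, as an added example (not Keeplas code). It uses Node's built-in crypto module so it runs offline. Assumptions: the master key is a random 32-byte stand-in for the Argon2id output, the per-item key is wrapped with AES-256-GCM, and the item ID is bound as associated data; all function and field names are hypothetical.

```javascript
const nodeCrypto = require("node:crypto");

// AES-256-GCM seal. aad binds the ciphertext to its item ID (assumed design).
function gcmSeal(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12); // fresh 96-bit nonce per encryption
  const c = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function gcmOpen(key, { iv, ct, tag }, aad) {
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, iv);
  d.setAAD(aad);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a bad tag
}

// Client side: builds the only record that leaves the device.
function sealItem(masterKey, itemId, plaintext) {
  const itemKey = nodeCrypto.randomBytes(32); // unique per-item key
  const aad = Buffer.from(itemId);
  const record = {
    itemId,
    body: gcmSeal(itemKey, Buffer.from(plaintext), aad),
    wrappedKey: gcmSeal(masterKey, itemKey, aad), // item key under master key
  };
  itemKey.fill(0); // drop the cleartext item key once it is wrapped
  return record;
}

// Client side: unwrap the item key, then open the body.
function openItem(masterKey, record) {
  const aad = Buffer.from(record.itemId);
  const itemKey = gcmOpen(masterKey, record.wrappedKey, aad);
  return gcmOpen(itemKey, record.body, aad).toString();
}

// True when decryption is refused (wrong key, tampering, or a swapped item ID).
function rejects(masterKey, record) {
  try { openItem(masterKey, record); return false; } catch { return true; }
}

// Constructed demo values.
const masterKey = nodeCrypto.randomBytes(32); // stand-in for the Argon2id output
const record = sealItem(masterKey, "item-001", "constructed sample note");
console.log(openItem(masterKey, record));
```

Everything in `record` is what a server would store; moving a wrapped key or body to a different item ID fails authentication because the ID is part of the GCM associated data.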
Sharing and inheritance
Sharing is opt-in per item. Recipients receive a wrapped key that only their account can unlock. For inheritance specifically, the master key itself is distributed via Social Recovery — Shamir shards held by trusted contacts.
What the server cannot see
- Your 24-word recovery phrase
- Your master key
- Any per-item key in cleartext
- Any item contents, attachments, or rich-text bodies
What the server does see: a list of opaque encrypted items, the timestamps of mutations, and the audit envelope for each request.