Encrypted storage
The Zero-Knowledge Vault
Your most sensitive documents, credentials and assets -- encrypted on your device with AES-256-GCM before they ever reach our servers. Keeplas only ever holds ciphertext it cannot read.
Encrypted on your device
Every item is sealed with AES-256-GCM in your browser. Plaintext never travels over the network.
Keys derived from your phrase
Your master key is derived locally from your 24-word recovery phrase via Argon2id. Keeplas never receives it.
Organized for your succession
Eight categories -- personal, financial, legal, health, business, digital, credentials and messages -- keep everything findable.
Servers stay blind
Even a full server breach exposes only encrypted blobs. Your vault remains sealed.
How the vault works
- 1
You add an item
Upload a document, store a credential, or write a note. It can carry files, links and rich text.
- 2
It is encrypted locally
The item is sealed with a unique key on your device before any upload, using AES-256-GCM.
- 3
Keeplas stores ciphertext
Only the encrypted blob and minimal public metadata reach our Convex backend.
- 4
Only you -- and who you choose -- can open it
Items stay private until you assign them to a recipient or social recovery releases them.
At a glance
Encryption
AES-256-GCM, client-side
Key derivation
Argon2id from 24-word phrase
Categories
8 vault categories
Storage
100 MB free, 10 GB Lifetime
Frequently Asked Questions
What can I store?expand_more
Identity papers, contracts, wills, insurance, bank and investment details, crypto, passwords, health directives, business continuity plans, and sealed letters -- anything that matters to your succession.
Can Keeplas read my files?expand_more
No. Files are encrypted on your device before upload. We store only ciphertext and cannot decrypt it -- that is what zero-knowledge means.
Start your encrypted vault
Create a zero-knowledge vault in minutes. Free forever, no card required.