What is VaultKeepR and how does it work?

VaultKeepR is a decentralized, zero-knowledge password manager. It encrypts all your credentials directly on your device using XChaCha20-Poly1305, then stores the encrypted vault on the IPFS peer-to-peer network. Nobody else can read your data.

Do I need an email address or a crypto wallet to sign up?

No. Powered by Account Abstraction (ERC-4337), the app automatically provisions a Smart Account in the background when you register your biometric passkey. You do not need to provide an email or connect any external web3 wallet like MetaMask.

How are blockchain transaction fees (gas) paid?

All blockchain network fees required to record or claim your vault are sponsored by our Paymaster service (Pimlico). The use of the Base L2 blockchain is transparent and completely free of charge for users.

What happens if I lose my device?

VaultKeepR features Shamir Secret Sharing recovery. Your recovery key is split into 5 encrypted fragments distributed across devices, trusted contacts, and on-chain smart contracts. Reconstructing any 3-of-5 fragments restores full access.

Is VaultKeepR open source?

Yes. Our core cryptographic library and synchronization packages are fully open-source under the MIT license, making the code publicly auditable for absolute transparency.

New: Encrypted cloud, 3 Premium plans, and anonymous crypto payment. See plans

VaultKeepR

VaultKeepR — Zero-Knowledge Password Manager

The password manager that doesn't ask you to trust it.

Protect your passwords, identities and documents without ever sharing them with us. Log in with your fingerprint, your face, or a secure method you already own. Extension, iOS, Android.

Try free

Chrome Extension Firefox Add-on App Store Play Store

IPFS backupNo account neededEnd-to-end encryptedEncrypted cloudAndroid & iOS

Explore the App

The App in Action

Real screenshots — no fictional mockups. Explore every feature on browser and mobile.

1 / 7

Zero-Knowledge Vault

Credentials, cards, and notes sorted by tags. Instant search, one-click autofill.

Tag filtering
Custom groups
1-click autofill

https://github.com

Privacy by design

Nobody sees your passwords. Not even us.

Your passwords are locked on your device before they ever leave it. The encrypted vault is stored on decentralized IPFS, unreadable without your key.

Your data stays with you

Your passwords are locked on your device before being stored. Even if gateways are down, decentralized P2P storage keeps your vault safe.

No account, no email

Log in with your fingerprint or face. We don't ask for a name, email, or password. Nobody can hack an account that doesn't exist.

You are never locked in

Your data is not locked inside our servers. If our service disappears tomorrow, your passwords remain accessible. You can leave whenever you want.

Proven Security

Built for people who take security seriously

Enterprise-grade encryption with zero complexity. Your credentials, your keys, your rules.

241

Cryptographic tests passed (0 failures)

0 B

Personal metadata collected on servers

XChaCha20

Constant-time AEAD client-side encryption

ERC-4337

Smart accounts with no external wallet needed

Built with proven, audited technologies

Ethereum

IPFS

Argon2id

XChaCha20

Base Chain

What early adopters say

“Finally a password manager that doesn't need to see my identity to protect my credentials. True zero-knowledge without the traditional email honeypots.”

Alexandre V. (@alexv_dev)

Lead Dev SecOps

“I manage 200+ credentials. The biometric PRF key derivation removes the master password entirely, and syncing over IPFS is instantaneous.”

Sarah Jenkins (@sjenkins_sec)

Security Researcher

“The envelope encryption combined with smart contract legacy inheritance on Base L2 is brilliant. The team cannot access my vault, yet recovery works flawlessly.”

Jean-Philippe R. (@jp_roy)

Security Architect

Zero data collected

Your privacy is not a setting. It's our foundation.

VaultKeepR does not collect analytics, telemetry, or user data. We literally cannot see what you store.

Zero tracking

No analytics, no cookies, no fingerprinting. We don't know who you are and we never will.

Nothing to steal

Your passwords are encrypted on your device before storage. We only hold sealed vaults — there is nothing to breach.

Locked before it leaves

End-to-end encrypted with military-grade algorithms. Your master password never leaves your device.

How it works

From setup to encrypted backup, in a few simple steps.

Create your vault

A secure on-chain identity is created automatically via your Smart Account. No signup, no external app, no wallet required.

Choose your lock

Pick a master password, use your fingerprint, or a Passkey. Your vault key is derived from it and never stored anywhere.

Automatic backup

Your encrypted vault is backed up to IPFS automatically. No single point of failure, no central database.

Use everywhere

Mobile app, browser extension with autofill, Face ID, biometrics. Same vault, all your devices.

Built for real use

Sync, recover, and protect credentials across devices—without trusting us with your passwords.

Invisible to us

Your passwords are decrypted only on your device. We never see your passwords, cards, or notes — by design.

No account needed

No email, no registration form. Your Smart Account is your identity. One fewer thing that can be hacked.

Sovereign identity

Your identity is a Smart Account on-chain. No centralized server keeps a database of who you are.

IPFS backup

Encrypted vault stored on IPFS. Nothing in clear text on our side, ever. You control your CID.

Biometrics + PRF

WebAuthn PRF derives the key from your fingerprint or face. True passwordless encryption without external wallets.

Modern encryption

Argon2id key derivation and XChaCha20-Poly1305 encryption. Industry-leading defaults for your vault.

Extension, iOS, Android

Autofill in the browser, AutoFill on iOS and Android, full vault UI — including groups, identities, and TOTP.

Import & export

Bitwarden, CSV, JSON, PGP. Export plain, encrypted, or PGP-wrapped for your own backups.

No ads, no tracking

No advertising, no behavioral profiling. Premium and aliases use standard payment and email flows only where you opt in.

Vault Sync

After unlocking, changes sync to IPFS automatically and update the smart contract registry in the background.

Premium

Fragmented recovery (Premium)

Split your vault into 5 shares (Shamir 3-of-5). Recovery is independent of your device for disaster recovery.

Premium

Email aliases (Premium)

Create forwarding addresses on your domain to hide your real inbox from signups and leaks.

Multi-modal auth

Unlock with biometric passkeys, master password, or physical NFC backup keys.

Premium

Secure Documents

Store sensitive documents like ID cards, fragmented and encrypted before IPFS sync.

Security monitoring

Track DApps approvals, scan for breaches, and get alerts when something needs attention.

Premium

Encrypted Cloud

Store files in encrypted cloud storage (S3). From 10 MB (free) to Unlimited depending on your plan.

Quick Share

Share credentials securely with zero-knowledge ephemeral links. The recipient needs no account.

Premium

TOS AI Analysis

AI scans Terms of Service for data sharing and deletion rights, and detects phishing pages.

Password Health

Breach scanner, strength audit, and reuse detection. Identify weak passwords before attackers do.

Under the hood

For developers and security auditors: the technologies behind VaultKeepR.

IPFS

Content-addressed, distributed storage for encrypted vault blobs

Open source

Core and clients auditable by the community

Smart Wallet

Standard wallet signing (EIP-191), no custodian

Argon2id

Memory-hard key derivation

S3 Cloud

Zero-knowledge encrypted file storage

FAQ

Frequently Asked Questions

Everything you need to know about VaultKeepR's architecture and security.

Ready to protect what matters?

Start in seconds. No account needed, no data collected.

Try free