Decentralized Sync: How Automerge CRDT and IPFS Power VaultKeepR

Most password managers synchronize your vault by sending your encrypted database to their central cloud servers. When you add a password on your phone, it goes to their server, which then pushes it to your laptop.

This model is simple, but it introduces major flaws:

1. Centralized Targets: The provider's database holds millions of encrypted vaults in one place, creating a massive target for hackers.
2. Single Point of Failure: If the company's servers go down, you cannot sync your devices or access new credentials.
3. Data Loss on Conflicts: If you edit a credential on your phone while offline, and change the same credential on your laptop, the server typically overwrites one with the other, resulting in lost data.

VaultKeepR replaces this model with a fully decentralized, conflict-free synchronization engine. By combining Automerge CRDTs with IPFS and Account Abstraction, we ensure your devices stay synchronized without a central server, and without requiring you to manage external crypto wallets.

Conflict-Free Replicated Data Types (CRDTs)

To allow offline editing and multi-device sync without data loss, VaultKeepR uses Automerge, a library implementing Conflict-free Replicated Data Types (CRDTs).

Instead of treating your vault as a single static file that gets completely overwritten during updates, CRDTs view your vault as a chronological log of changes (a collaborative document).

How Automerge Resolves Conflicts

When you edit your vault on two different devices simultaneously:

• Field-Level Merging: If you change a password on your phone and update the notes of the same account on your laptop, Automerge merges both edits automatically. Traditional systems would overwrite the entire entry; VaultKeepR merges them at the field level.
• Deterministic Resolution: If you change the same exact field (e.g. updating the password to two different values), Automerge resolves the conflict deterministically across all devices. No data is deleted; the history of changes is preserved, allowing you to view and restore previous versions if needed.
• Offline First: You can edit your vault on a plane, in a subway, or anywhere offline. As soon as you reconnect, your local changes merge seamlessly with the network state.

Storage on IPFS (InterPlanetary File System)

Once Automerge generates the binary change log, it is compressed and encrypted client-side using XChaCha20-Poly1305. This encrypted binary is then published to IPFS.

IPFS is a decentralized, peer-to-peer storage network where files are retrieved by their unique cryptographic content identifier (CID), rather than a physical server address.

1. No Central Database: Your vault is split and stored across multiple nodes on the IPFS network.
2. Content Addressing: The CID of your encrypted vault changes every time you make an update. This content-based addressing makes the database tamper-proof.
3. Availability: VaultKeepR utilizes a multi-gateway fallback system (ipfs.vaultkeepr.xyz and public gateways) to ensure your data is always reachable, even if some gateways are offline.

The Sync Chain: No Wallets, Just Smart Contracts

How does your phone know the CID of the vault your laptop just uploaded?

Traditional Web3 apps require you to connect a crypto wallet, sign a transaction, and pay gas fees to update data on the blockchain. VaultKeepR removes this entire barrier using ERC-4337 Account Abstraction:

• On-Chain CID Registry: The latest CID of your vault is registered in our VaultKeeperCidRegistry smart contract on Base L2.
• Sovereign Identity: When your device syncs, it queries the smart contract for the current CID matching your biometric identity.
• Automated and Free: The registry update happens automatically in the background. A Paymaster sponsors the gas fees, so you never see transaction prompts or wallet interfaces.
• Absolute Privacy: The blockchain registry only stores your public smart account address and the encrypted vault CID. No usernames, no passwords, and no metadata are ever exposed on-chain.

Comparing Sync Models

Feature	Centralized Sync (1Password, Bitwarden)	Decentralized Sync (VaultKeepR)
Storage Location	AWS / Corporate Cloud Servers	Peer-to-Peer IPFS Network
Sync Resolution	Server-side overwrite (Last write wins)	Client-side Automerge CRDT (Field-level merge)
Offline Edits	Can cause conflicts or sync blocks	Merge seamlessly when online
Data Integrity	Dependent on server database state	Cryptographically verified on-chain registry
Wallet Required	No	No (automated via Account Abstraction)

Conclusion

By combining Automerge CRDTs and decentralized IPFS storage with the seamless user experience of Account Abstraction, VaultKeepR offers the perfect sync engine: the convenience of cloud synchronization, the privacy of local-only storage, and absolute resistance to data conflicts.

---

Experience decentralized, serverless data synchronization today. Download VaultKeepR on all your devices.