
FAQ

What is Sanctum?
Sanctum is a zero-trust, client-side encrypted vault system providing cryptographically sound plausible deniability through passphrase-derived hidden layers with decentralized IPFS storage.
How does plausible deniability work?
Sanctum creates three layers: a decoy layer (optional, shown with decoy password), a hidden layer (your real secrets, shown with hidden password), and a panic layer (shows "vault deleted" with panic password). All layers are cryptographically indistinguishable, making it impossible to prove hidden content exists.
Is my data safe?
Yes. All encryption happens client-side in your browser using XChaCha20-Poly1305 with Argon2id key derivation. Your keys never touch our servers. Data is stored encrypted on IPFS.
Why do I see 2 files on IPFS even with empty decoy?
This is a security feature. Duress vaults always upload 2 encrypted blobs (decoy + hidden) to prevent metadata analysis. Even empty blobs are indistinguishable from real data, maintaining plausible deniability.
What if I lose the vault link?
Your data is lost forever. There is no recovery mechanism by design. Always save your vault links securely in a password manager or print QR codes.
Can I delete a vault?
Yes. Vaults auto-destroy based on your chosen duration (1 week, 1 month, 3 months, 6 months, or 12 months). You can also manually delete files from Pinata or Filebase dashboards using the CID (shown after vault creation). Without the vault link, the encrypted data remains inaccessible anyway.
What are the file size limits?
Maximum 25 MB per file. Supported formats: .zip and .rar archives.
Is Sanctum free?
Yes, 100% free. We use free tiers from Pinata (1GB) and Filebase (5GB) for IPFS storage. No credit card required.
What is the panic password?
The panic password is a required third password that shows "vault deleted" when entered. Use it under duress to make attackers believe the vault was destroyed. Combined with the panic key (double-press Escape) and auto-lock after 5 minutes, this provides multiple layers of emergency protection.
🔐 Attack: Physical Duress ($5 Wrench Attack)
Threat: Coerced to reveal passphrase under torture/violence.
Countermeasure: Reveal decoy passphrase only. Adversary sees funded wallet + innocent files. Cannot cryptographically prove hidden layer exists. Plausible deniability protects you.
💻 Attack: Device Seizure + Forensic Analysis
Threat: Device seized, disk forensics performed to recover keys.
Countermeasure: RAM-only storage. No localStorage/sessionStorage for keys. All sensitive data cleared on tab close. Ephemeral salts regenerated per session. Immune to disk carving and SSD wear-leveling recovery.
🔍 Attack: Encrypted Blob Size Analysis
Threat: Adversary analyzes blob sizes to detect hidden layers.
Countermeasure: Deterministic padding to standard sizes (1KB, 10KB, 100KB, 1MB, 10MB). All vaults in the same size class look identical. Even empty decoys are padded to the minimum size.
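The size-class padding described above, as an added example (this is not Sanctum's own code). It assumes 1KB = 1024 bytes, a 4-byte big-endian length header, zero fill, and that padding is applied to the plaintext before encryption; the function names are hypothetical.

```javascript
// Added example, not Sanctum's code. Assumptions: 1KB = 1024 bytes,
// a 4-byte big-endian length header, zero fill, padding before encryption.
const KB = 1024;
const SIZE_CLASSES = [1 * KB, 10 * KB, 100 * KB, 1024 * KB, 10 * 1024 * KB];
const HEADER_LEN = 4;

// Smallest size class that holds the header plus the payload.
function sizeClassFor(payloadLen) {
  const bucket = SIZE_CLASSES.find((size) => size >= payloadLen + HEADER_LEN);
  if (bucket === undefined) {
    // The page lists no class above 10MB; this sketch rejects such input.
    throw new RangeError(`payload of ${payloadLen} bytes exceeds the largest size class`);
  }
  return bucket;
}

// Returns header || payload || zero fill, exactly one size class long.
function padToSizeClass(payload) {
  const out = new Uint8Array(sizeClassFor(payload.length)); // zero-filled
  new DataView(out.buffer).setUint32(0, payload.length, false);
  out.set(payload, HEADER_LEN);
  return out;
}

// Recovers the payload after decryption, rejecting malformed lengths.
function unpad(padded) {
  if (!SIZE_CLASSES.includes(padded.length)) {
    throw new RangeError("blob length is not a known size class");
  }
  const view = new DataView(padded.buffer, padded.byteOffset, padded.byteLength);
  const len = view.getUint32(0, false);
  if (len > padded.length - HEADER_LEN) {
    throw new RangeError("declared length exceeds padded blob");
  }
  return padded.slice(HEADER_LEN, HEADER_LEN + len);
}

// Constructed sample inputs: an empty decoy and a short hidden note.
const emptyDecoy = new Uint8Array(0);
const hiddenNote = new TextEncoder().encode("constructed sample secret");
console.log(padToSizeClass(emptyDecoy).length, padToSizeClass(hiddenNote).length); // same class
// Crossing a boundary by one byte moves the blob to the next class,
// so the size class itself is still visible to an observer.
console.log(padToSizeClass(new Uint8Array(1020)).length, padToSizeClass(new Uint8Array(1021)).length);
```

An AEAD nonce and tag add a fixed number of bytes to every blob, so equal padded lengths stay equal after encryption.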
⚡ Attack: Timing Analysis (Side-Channel)
Threat: Measure decryption time to detect which layer unlocked.
Countermeasure: Constant-time decryption. Both layers always attempted regardless of success. Timing difference <15% (tested). Cannot distinguish decoy from hidden unlock.
🔨 Attack: Passphrase Brute-Force
Threat: Adversary attempts to brute-force weak passphrases.
Countermeasure: Argon2id KDF with 256MB memory + 3 iterations. Computationally infeasible to brute-force. Use 6+ Diceware words (77 bits entropy). Rate limiting: 5 attempts/min per vault.
🌐 Attack: IPFS Provider Seizure
Threat: Government seizes Pinata/Filebase servers.
Countermeasure: Data encrypted before upload. Providers only see encrypted blobs. Without passphrase + vault link, decryption impossible. Use multiple providers for redundancy.
☁️ Attack: Cloudflare Workers Compromise
Threat: Attacker compromises Cloudflare D1 database.
Countermeasure: Split-key architecture. KeyA in URL (never server-side). KeyB encrypted in DB. CIDs encrypted with master key. Attacker gets encrypted metadata only. Cannot decrypt vaults or access IPFS content.
📊 Attack: Metadata Analysis
Threat: Analyze vault metadata to detect patterns.
Countermeasure: All vaults upload 2 blobs (decoy + hidden) regardless of content. Consistent structure prevents pattern analysis. CIDs encrypted. No IP logging. Use Tor Browser for anonymity.
🕵️ Attack: Browser Extension Keylogging
Threat: Malicious browser extension logs passphrases.
Countermeasure: Extension warning on page load. Recommend disabling extensions before vault creation. Use private/incognito mode. Consider Tor Browser (no extensions).
🚨 Attack: Rubber-Hose Cryptanalysis (Ongoing Coercion)
Threat: Prolonged coercion to reveal all layers.
Countermeasure: Your safety > data security. Reveal decoy layer. Adversary cannot prove hidden layer exists. If threatened with violence, comply with decoy. Cryptography protects hidden layer. Self-host + Tor for maximum security.
🔗 Attack: Vault Link Interception
Threat: Adversary intercepts vault link during transmission.
Countermeasure: Never share links over unencrypted channels (SMS, email). Use encrypted messaging (Signal, Session). Store in password manager (KeePassXC, Bitwarden). Print QR code for physical backup. KeyA in URL is useless without passphrase.
⚖️ Attack: Legal Compulsion (Warrant Canary)
Threat: Government compels service to backdoor encryption.
Countermeasure: Warrant canary updated quarterly. If removed/not updated >90 days, assume compromise. Self-host immediately. Client-side encryption prevents server-side backdoors. Open-source code auditable.
🔍 Attack: Memory Dump / Cold Boot Attack
Threat: Attacker performs memory dump or cold boot attack to extract keys from RAM.
Countermeasure: Keys isolated in Web Worker memory. Auto-cleared on idle (5 min). Panic key (double-Escape) triggers an instant wipe. Use full disk encryption (BitLocker/LUKS). Power off device when not in use.
🌐 Attack: DNS/Network-Level Blocking
Threat: ISP or government blocks access to sanctumvault.online or IPFS gateways.
Countermeasure: Self-host on localhost. Use Tor Browser (.onion support planned). Access IPFS via multiple gateways (ipfs.io, dweb.link, cloudflare-ipfs.com). VPN + DNS-over-HTTPS bypass censorship.
📱 Attack: Mobile Device Compromise
Threat: Mobile OS keylogger or screen recording malware.
Countermeasure: Use desktop with Tor Browser for high-risk vaults. On mobile: disable keyboard suggestions, use password manager autofill, check for suspicious apps. iOS Lockdown Mode recommended.
📷 Attack: Shoulder Surfing / Camera Surveillance
Threat: Adversary observes password entry via camera or over shoulder.
Countermeasure: Use password manager autofill. Cover screen when entering passwords. Check for cameras in sensitive locations. Use privacy screen protector. Memorize passwords to avoid writing them down.
⏱️ Attack: Replay Attack / Session Hijacking
Threat: Attacker captures and replays authentication tokens.
Countermeasure: No session tokens used. Each unlock requires full password + vault link. Auto-lock after 5 min. No cookies or persistent auth. HTTPS-only prevents MITM.
🔌 Attack: Supply Chain Compromise
Threat: Malicious code injected into dependencies or build process.
Countermeasure: Open-source code on GitHub. Reproducible builds. Subresource Integrity (SRI) for CDN assets. Audit dependencies regularly. Self-host to avoid CDN compromise. Verify commit signatures.
🧠 Attack: AI-Powered Password Cracking
Threat: Machine learning models trained on leaked passwords to predict passphrases.
Countermeasure: Use Diceware (random words from 7776-word list). Avoid common phrases, song lyrics, quotes. 6+ words = 77 bits entropy (uncrackable). Argon2id makes each guess expensive (256MB RAM + 3 iterations).
🐛 Attack: Zero-Day Browser Exploit
Threat: Unpatched browser vulnerability allows code execution.
Countermeasure: Keep browser updated. Use Tor Browser (hardened Firefox). Enable site isolation. Disable JavaScript for non-essential sites. Use virtual machine for high-risk operations. Consider Qubes OS for compartmentalization.
📡 Attack: Traffic Analysis / Correlation
Threat: Adversary correlates vault creation time with IPFS upload time to identify users.
Countermeasure: Use Tor Browser (hides IP, adds latency noise). Upload via VPN. Delay vault sharing by hours/days. Use public WiFi (not home network). Batch multiple vault creations to obscure patterns.