Technical Overview

Encrypted Storage

XChaCha20-Poly1305 encryption. Argon2id KDF. Persisted as ciphertext to IndexedDB.

Memory Isolation

Keys exist only in WASM linear memory. Never touch the JS heap. Auto-zeroize on lock().

Typed API

vault.saveSecret(), vault.getSecret(), vault.listSecretKeys(). Full TypeScript definitions. No magic.

The Problem

Browsers weren't designed for secrets. localStorage is plaintext. DIY crypto is easy to misuse. Server roundtrips add latency and attack surface.

The Approach

P47H Vault — the local layer of P47H Edge Trust — moves cryptography into a WebAssembly sandbox compiled from standard, well-reviewed Rust crates. An open foundation, built to extend toward distributed trust.

Intentional Constraints

Not a password manager

No multi-device sync

Not a backend service

Constraints reduce attack surface.

Read the Docs