Fundamentals
P47H Vault is built on four simple concepts. We don’t roll our own cryptography — we use exclusively audited Rust libraries.
Vault
An encrypted container that stores key-value pairs. Think of it as localStorage but where everything is saved encrypted. One passphrase unlocks your vault; without it, the data is unreadable.
Master Key
Your passphrase is never used directly. We use Argon2id (the current standard for key derivation) to convert it into a 256-bit cryptographic key. This process is intentionally slow to protect against brute-force attacks.
WASM Isolation
All cryptography happens inside a WebAssembly module compiled from Rust.
Keys live in isolated memory that JavaScript cannot inspect. When you
lock the vault with lock(), memory is
zeroized before being released.
Local Storage
Encrypted data is persisted to IndexedDB, the browser’s database. Storage only sees ciphertext — never the original data. If someone accesses your IndexedDB, they’ll only find incomprehensible bytes.
About the cryptography: We use
chacha20poly1305 for authenticated
encryption (same as WireGuard), argon2
for key derivation, and ed25519-dalek for
digital signatures. All are open-source, audited, and widely adopted
libraries.