Security Policy
Security Architecture
ZeroKVault is built on a zero-knowledge architecture. All vault contents are encrypted client-side before reaching our servers. We never have access to your plaintext data, encryption keys, or seed phrases.
Data Protection
All data is encrypted in transit using TLS 1.3. Data at rest is stored on encrypted volumes. Vault contents benefit from an additional layer of client-side AES-256-GCM encryption.
Development Practices
We follow standard industry security practices. All code changes go through review and automated checks. We perform audit checks during the development and testing of new features. Dependencies are regularly audited for known vulnerabilities.
Infrastructure
Our infrastructure follows the principle of least privilege. Access controls, logging, and monitoring are in place across all systems.
Responsible Disclosure
If you discover a security vulnerability, please report it responsibly to security@zerokvault.com. We take all reports seriously and will respond promptly.