# vault1984 > *"If you want to keep a secret, you must also hide it from yourself."* A password manager where the server holds your vault and nothing else. Every other hosted vault encrypts your secrets and stores them centrally. The encryption is real. The problem is architectural: steal the database, and you have all the ciphertext you need — plus unlimited time to crack it offline. Iteration counts slow the attack. They don't prevent it. vault1984 is built around a different principle. **The server holds ciphertext it cannot decrypt.** Not policy. Architecture. --- ## How it works Three tiers. Each with a different trust model. ``` Tier 1 — Metadata (server-readable) Entry names, URLs, usernames. The server can see these. Knowing someone has a Coinbase account isn't an attack. Tier 2 — Credentials (agent-readable, server-opaque) Passwords, API keys, TOTP seeds, SSH keys. Encrypted with a key derived from your hardware authenticator. The server stores ciphertext it cannot read. Your AI agents decrypt locally. The server never sees plaintext. Tier 3 — Sealed (hardware-only) Card numbers, passport, government IDs, seed phrases. Encrypted with a symmetric key derived from WebAuthn PRF. Requires physical authenticator — Touch ID, YubiKey, Titan Key. Even a fully authorized AI agent cannot reach Tier 3. ``` Steal the database. You get Tier 1 metadata and encrypted blobs for Tier 2 and 3 that require hardware the server never had. The database is not interesting. --- ## The security model | Scenario | Tier 1 | Tier 2 | Tier 3 | |---|---|---|---| | Database stolen | Metadata only | Worthless ciphertext | Worthless ciphertext | | Server compromised | Plaintext (during request) | Ciphertext — server cannot decrypt | Not present | | Agent compromised | Via MCP | Decryptable by that agent | Not present | | Hardware key stolen + PIN | Everything | Everything | Everything | **Tier 2 key derivation:** X25519 keypair derived via HKDF-SHA256 from your WebAuthn authenticator's PRF output. Public key stored on server. Private key: derived client-side during browser session, baked into agent tokens at creation time. Server holds envelopes it cannot open. **Tier 3 key derivation:** Symmetric AES-256 key derived via HKDF-SHA256 from the same PRF output (independent branch). Browser-only. Never leaves the client. Both tiers derive from a single hardware authentication. One tap in the browser unlocks both. --- ## Quick start ```bash go build -o vault1984 ./cmd/vault1984/ ./vault1984 # Open http://localhost:1984/app/ # Register a passkey → vault is ready ``` No config files, no environment variables, no database setup. --- ## Managed hosting Don't want to run the server? We host it. Same cryptographic guarantees. We run the infrastructure. We cannot read your Tier 2 or Tier 3 fields — the architecture makes it impossible, not policy. → vault1984.com --- ## Features - **One binary** — Go, linux/mac/windows. FIPS mode available (`GOEXPERIMENT=boringcrypto`) - **One file** — SQLite per vault. Portable, copy it anywhere - **No master password** — WebAuthn only. Touch ID, Face ID, YubiKey, Titan Key, Windows Hello - **Three-tier field encryption** — per-field tier assignment, auto-detection on import - **AI agent integration** — MCP tools for `get_credential`, `get_totp`, `search_vault`, `list_credentials`, `check_expiring` - **Scoped tokens** — per-agent access by tags or entry IDs. Cryptographic scoping, not policy - **Auto-detection** — imports auto-flag card numbers, CVV, government IDs, recovery codes as Tier 3 across 15+ languages - **Auto-lock** — 60s idle + 15s countdown. Session and key cleared on lock - **TOTP generation** — agents can complete 2FA flows autonomously - **Browser extension** — Manifest V3, LLM field mapping, autofill on any site - **Native import** — Chrome, Firefox, Bitwarden, Proton Pass without LLM. Any format via LLM fallback - **Smart dedup** — collision resolution by source modification date - **Automatic backups** — weekly, 3-month retention, deterministic per vault ID - **Audit log** — every access logged with actor (web / extension / MCP / agent name) - **Multi-tenant** — hosted mode with `/v/{vault_id}/` route prefix --- ## MCP setup Create a token in the web UI (Tokens page): ```json { "mcpServers": { "vault1984": { "url": "http://localhost:1984/mcp", "headers": { "Authorization": "Bearer v1984_..." } } } } ``` The token contains both the MCP auth credential and the Tier 2 private key (wrapped). The agent decrypts Tier 2 fields locally. The server never sees the key. ### Available tools | Tool | Description | |------|-------------| | `get_credential` | Find and return a credential by query | | `list_credentials` | List all accessible entries | | `get_totp` | Get live TOTP code for 2FA | | `search_vault` | Full-text search across entries | | `check_expiring` | Find expiring credentials, cards, documents | Tier 3 fields return `[Sealed — hardware key required]` to agents. They are not accessible without a browser session and physical authenticator. --- ## Config All optional. Environment variables or `.env` in working directory. ```bash PORT=1984 # default DATA_DIR=. # directory for vault DB files MODE=self-hosted # or "hosted" for multi-tenant VAULT_KEY=... # optional server-side encryption key for Tier 1 FIREWORKS_API_KEY=... # for LLM import of unknown formats ``` --- ## Import Native parsing (no LLM) for: - **Chrome** — `chrome://settings/passwords` → export CSV - **Firefox** — `about:logins` → export CSV - **Bitwarden** — Settings → Export → JSON - **Proton Pass** — Settings → Export → JSON (zip or plain) Any other format: drag and drop, LLM parses it. Tier 3 auto-detection on import covers card numbers, CVV, government IDs (SSN, passport, driver's license, BSN, PESEL, etc.), recovery codes, and crypto wallets — in English, Dutch, German, French, Spanish, Portuguese, Italian, Chinese, Japanese, Korean, Russian, Arabic, Hindi, Turkish, Polish, Swedish, Thai, and Vietnamese. --- ## Backups Automatic weekly backups with 3-month retention. Each vault's backup slot is deterministic — the first byte of the vault ID maps to an hour of the week, spreading backup load evenly across nodes. Backups use SQLite `VACUUM INTO` for consistent snapshots stored in `{DATA_DIR}/backups/`. From the web UI: view all backups, trigger immediate backup, restore (current DB saved as pre-restore backup first). --- ## License [Elastic License 2.0](LICENSE) — free to use and self-host, not for resale as a managed service.