Quantum-Safe Vault

Quantum-safe encryption for files, images, and text. ML-KEM + Dilithium. PIN-sealed keys. Offline. Import/Export keys.

Quantum-Safe Vault brings post-quantum encryption to your browser — fully offline and zero-knowledge. Encrypt files, images, and text with ML-KEM-768 (Kyber) and AES-GCM, sign with Dilithium-65, and share safely using portable .pqc.json bundles. Private keys never leave your device and are sealed with your PIN. Why it’s different Post-quantum algorithms: ML-KEM-768 (key encapsulation) + Dilithium-65 (signing) Local-only: No servers, no telemetry, no background network calls PIN-sealed keys: Private keys encrypted at rest (PBKDF2-SHA-256 → AES-GCM) Clean UX: Drag-and-drop files/images, one-click text encrypt/decrypt Portable by design: Output is a self-contained .pqc.json you can store or send anywhere Sign & verify: Optional Dilithium signature adds sender authenticity to bundles Contacts & Messenger (offline): Import others’ public keys and compose signed, encrypted messages What you can do Encrypt files & images for yourself or a chosen contact Encrypt text in the popup and save it as a file Decrypt previously saved .pqc.json bundles Export/Import keys to move to a new device (private keys stay PIN-sealed) Export/Copy your public keys so people can encrypt to you Import contacts (public keys) and use the built-in Messenger to produce signed ciphertext messages How it works (simplified) Create your keys once and set a PIN (private keys are sealed with AES-GCM under your PIN). When you encrypt: the app derives a fresh AES key via ML-KEM with the recipient’s public key and saves { kemCt, iv, ct } into a .pqc.json bundle. Optionally, it signs that bundle with Dilithium-65 so recipients can verify it came from you. Decrypting requires your PIN to unwrap your private key, then it decapsulates the shared key and opens the AES-GCM payload. Privacy & permissions Data collection: None. We do not collect, transmit, or sell any personal data. Network access: None. The extension works fully offline. Permissions used: storage — store your encrypted keys and local settings downloads — let you save encrypted/decrypted files and key exports Notes & tips Keep your PIN safe. If you forget it, we cannot recover your private keys. For sharing, send the generated .pqc.json file. The recipient will decrypt locally. Use Options → Export My Public Keys so others can add you as a contact. Use Options → Backup/Restore to move devices (your private keys remain PIN-sealed). Built to protect today’s data from tomorrow’s attacks — without giving your data to anyone, including us.