WARDKEY

Security Architecture

WARDKEY is built on zero-knowledge vault encryption with a local-first security model. Your vault data is encrypted before it ever leaves your device. We never have access to your passwords. Optional AI features send only anonymized metadata — never passwords — to our servers for analysis.

🔒

AES-256-GCM

Authenticated encryption using proven cryptographic standards. The same algorithm used by governments and financial institutions worldwide.

🔑

PBKDF2 (600K Iterations)

Your master password is strengthened with 600,000 rounds of PBKDF2-SHA256, which meets the current OWASP recommendation for that algorithm.

🛡️

Zero-Knowledge Vault Encryption

We never see your master password or decrypted vault data. Even if our servers were compromised, your vault remains encrypted.

📱

Local-First

Your vault lives on your device. Cloud sync is optional and always encrypted end-to-end.

Encryption Overview

Every piece of data you store in WARDKEY — passwords, payment cards, secure notes, TOTP keys — is encrypted using AES-256-GCM (Galois/Counter Mode), an authenticated encryption algorithm that provides both confidentiality and integrity.

How Your Vault Is Protected

Master Password → PBKDF2-SHA256 (600,000 iterations) → 256-bit AES Key → AES-256-GCM (encrypt vault) → Encrypted Blob (stored locally / synced)

Key Derivation

Your master password is never stored or transmitted. Instead, it is used to derive two cryptographic keys:

Purpose | Algorithm | Iterations | Hash | Output
Encryption key | PBKDF2 | 600,000 | SHA-256 | 256-bit AES-GCM key
Verification hash | PBKDF2 | 310,000 | SHA-512 | 256-bit verification token

The verification hash is used solely to confirm you entered the correct master password — it is not the encryption key and cannot be used to decrypt your vault.

Encryption Process

  1. A random 16-byte salt is generated when you create your vault (using crypto.getRandomValues())
  2. Your master password + salt are processed through PBKDF2 (600K iterations, SHA-256) to produce the 256-bit encryption key
  3. A random 12-byte IV (initialization vector) is generated for each encryption operation
  4. Your entire vault (JSON object) is encrypted using AES-256-GCM with the derived key and IV
  5. The encrypted output includes a GCM authentication tag that detects any tampering

Vault Format (v4)

{
  "v": 4,                          // Format version
  "salt": [/* 16 random bytes */], // PBKDF2 salt
  "verify": "base64...",           // Verification hash (PBKDF2 310K SHA-512)
  "data": {
    "iv": [/* 12 random bytes */], // AES-GCM initialization vector
    "ct": [/* N bytes */]          // AES-256-GCM ciphertext + auth tag
  }
}

The salt and IV are not secret — they are random values that ensure each encryption is unique. The security of your vault depends solely on your master password and the derived key.
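
The five steps and the v4 layout above, sketched with the Web Crypto API as an added example; this is not WARDKEY's own code. It covers the encryption-key path only and omits the verify field, and the function names, the salt-reuse parameter and the sample data are assumptions made for illustration.

```javascript
// Added example, not WARDKEY's code. Web Crypto in a browser or in Node.
const webCrypto = async () => globalThis.crypto ?? (await import('node:crypto')).webcrypto;
// Step 2: master password + salt -> 256-bit AES-GCM key (PBKDF2-SHA256, 600K).
async function deriveKey(password, salt) {
  const { subtle } = await webCrypto();
  const material = await subtle.importKey(
    'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
  return subtle.deriveKey(
    { name: 'PBKDF2', salt, iterations: 600000, hash: 'SHA-256' },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Steps 1, 3, 4, 5: build a v4 object. Assumed: the stored salt is passed on re-save.
async function sealVault(password, vault, salt) {
  const c = await webCrypto();
  salt = salt ?? c.getRandomValues(new Uint8Array(16));
  const iv = c.getRandomValues(new Uint8Array(12)); // fresh for every encryption
  const key = await deriveKey(password, salt);
  const plaintext = new TextEncoder().encode(JSON.stringify(vault));
  const ct = await c.subtle.encrypt({ name: 'AES-GCM', iv }, key, plaintext);
  return { v: 4, salt: [...salt], data: { iv: [...iv], ct: [...new Uint8Array(ct)] } };
}

// Check the envelope, then decrypt; a wrong password or a modified byte fails the GCM tag.
async function openVault(password, blob) {
  if (blob.v !== 4 || blob.salt.length !== 16 || blob.data.iv.length !== 12)
    throw new Error('unsupported or malformed vault');
  const { subtle } = await webCrypto();
  const key = await deriveKey(password, new Uint8Array(blob.salt));
  const pt = await subtle.decrypt(
    { name: 'AES-GCM', iv: new Uint8Array(blob.data.iv) }, key, new Uint8Array(blob.data.ct));
  return JSON.parse(new TextDecoder().decode(pt));
}

// Constructed sample data: round trip, one flipped ciphertext bit, wrong password.
async function demo() {
  const pw = 'correct horse battery staple';
  const vault = { items: [{ site: 'example.test', password: 'constructed-sample' }] };
  const blob = await sealVault(pw, vault);
  const opened = await openVault(pw, blob);
  const tampered = { ...blob, data: { ...blob.data, ct: blob.data.ct.map((b, i) => (i === 0 ? b ^ 1 : b)) } };
  const rejects = (p) => p.then(() => false, () => true);
  return {
    roundTrip: JSON.stringify(opened) === JSON.stringify(vault),
    tagBytes: blob.data.ct.length - JSON.stringify(vault).length, // ASCII sample: bytes == chars
    tamperRejected: await rejects(openVault(pw, tampered)),
    wrongPasswordRejected: await rejects(openVault('wrong password', blob)),
  };
}
```

Web Crypto reports a wrong password and a tampered ciphertext the same way, as a rejected decrypt(), so the caller cannot tell the two apart from the error alone.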

Authentication Security

Account Passwords

Your cloud account password (used for login) is separate from your master password. Account passwords are:

  • Hashed using bcrypt with an appropriate cost factor before storage
  • Never stored in plaintext on our servers
  • Protected by rate limiting and brute-force detection

Two-Factor Authentication (2FA)

WARDKEY supports TOTP-based two-factor authentication for cloud accounts:

  • Standard TOTP algorithm (RFC 6238) with 30-second time steps
  • Compatible with authenticator apps (Google Authenticator, Authy, etc.)
  • 2FA secrets are encrypted at rest on the server
  • Login requires both password and 2FA code when enabled

Session Management

  • Authentication uses JSON Web Tokens (JWT) with expiration
  • Tokens are stored securely and never exposed to third parties
  • Sessions can be terminated by logging out

Browser Extension Security

Permissions

The WARDKEY browser extension requests only the minimum permissions necessary:

Permission | Why
activeTab | Detect login forms and autofill credentials on the current tab only
storage | Store encrypted vault data locally
contextMenus | Right-click menu for quick password generation
alarms | Auto-lock timer after period of inactivity
clipboardWrite | Copy passwords to clipboard when you click "Copy"
<all_urls> (host) | Detect login forms and autofill credentials on any website — no page content is read or collected

Content Script Isolation

  • Content scripts only interact with login form fields (input[type="password"], email/username fields)
  • No page content, DOM, or JavaScript is read beyond form field detection
  • All communication between content script and extension uses Chrome's secure messaging API
  • The extension never injects scripts that can access page JavaScript context

Local Vault Storage

  • Encrypted vault is stored in chrome.storage.local (sandboxed per-extension)
  • Auto-unlock sessions use chrome.storage.session (cleared when browser closes)
  • No data is stored in cookies, localStorage, or other web-accessible storage

Cloud Sync Security

End-to-End Encryption

When cloud sync is enabled:

  1. Your vault is encrypted on your device before upload
  2. Only the encrypted blob is transmitted to our servers
  3. All data in transit is protected by TLS 1.2+
  4. Our servers store only the opaque encrypted blob — we cannot decrypt it
  5. When you sync to another device, the encrypted blob is downloaded and decrypted locally using your master password

Conflict Resolution

Each vault upload includes a version number. If the server detects a version conflict (another device uploaded a newer version), the sync is rejected with a conflict error, preventing data loss.

Server Infrastructure

  • All server communication uses HTTPS (TLS 1.2+)
  • Database encrypted at rest
  • Encrypted vault blobs are the primary data store — no plaintext vault data exists on our servers
  • Server access is restricted and monitored

Application Security

Brute-Force Protection

  • 5 failed unlock attempts trigger a progressive lockout: 1 minute → 5 minutes → 15 minutes → 1 hour
  • Lockout state is persisted across page reloads and browser sessions
  • Server-side rate limiting on authentication endpoints
  • In-memory exponential backoff provides additional delay within a session

Auto-Lock

  • Vault automatically locks after 5 minutes of inactivity
  • Optional tab-switch lock: vault locks 30 seconds after you switch away from the tab
  • On lock, the master key, vault data, and all sensitive material are wiped from memory
  • Clipboard is cleared of any copied passwords

Memory Protection

When the vault is locked, WARDKEY performs a comprehensive secure clear:

  • Encryption key is nulled
  • Vault salt and verification hash are nulled
  • Vault object is cleared
  • All password fields in the DOM are emptied
  • Clipboard is cleared

Password Generation

WARDKEY uses the Web Crypto API (crypto.getRandomValues()) for all random number generation. This provides cryptographically secure random values sourced from the operating system's entropy pool — the same source used for TLS key generation.

What Happens If...

💥

Our servers are breached

Attackers get only encrypted blobs they cannot decrypt. Your vault remains secure — protected by your master password and AES-256-GCM.

👤

A rogue employee

No employee has access to decryption keys. Server data is opaque encrypted blobs. Zero-knowledge vault encryption means zero access.

⚖️

A legal subpoena

We can only hand over encrypted data. We have no ability to decrypt it, and no key escrow or backdoor exists.

🔓

You forget your master password

We cannot recover your data. This is by design — it means nobody else can either. Keep your master password safe.

Share Link Security

WARDKEY's secure sharing uses URL fragment encryption — the same approach used by services like Firefox Send:

  1. A random 256-bit AES key is generated on your device
  2. The credential is encrypted with AES-256-GCM using this random key
  3. Only the encrypted data is uploaded to our server
  4. The decryption key is placed in the URL fragment (after the #) — this part is never sent to the server by browsers
  5. The recipient's browser decrypts the data locally using the key from the URL fragment

Share links can be configured with a maximum view count and expiration time. Once exhausted or expired, the encrypted data is deleted from the server.
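
The fragment-key flow above as an added example, not WARDKEY's own code. The host share.example.test, the /s/<id> path, the record layout (IV stored next to the ciphertext) and all function names are assumptions.

```javascript
// Added example, not WARDKEY's code. Host, path and record layout are hypothetical.
const webCrypto = async () => globalThis.crypto ?? (await import('node:crypto')).webcrypto;
const toB64Url = (bytes) =>
  btoa(String.fromCharCode(...bytes)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const fromB64Url = (s) =>
  Uint8Array.from(atob(s.replace(/-/g, '+').replace(/_/g, '/')), (ch) => ch.charCodeAt(0));

// Steps 1-4: random key, encrypt, upload ciphertext only, key goes after '#'.
async function createShare(secret, id) {
  const c = await webCrypto();
  const key = await c.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = c.getRandomValues(new Uint8Array(12));
  const ct = await c.subtle.encrypt({ name: 'AES-GCM', iv }, key, new TextEncoder().encode(secret));
  const rawKey = new Uint8Array(await c.subtle.exportKey('raw', key));
  return {
    upload: { id, iv: toB64Url(iv), ct: toB64Url(new Uint8Array(ct)) }, // all the server stores
    link: `https://share.example.test/s/${id}#${toB64Url(rawKey)}`,
  };
}

// What the browser requests for this link: path and query, never the fragment.
function requestTarget(link) {
  const u = new URL(link);
  return u.pathname + u.search;
}

// Step 5: the recipient reads the key from the fragment and decrypts locally.
async function openShare(link, record) {
  const rawKey = fromB64Url(new URL(link).hash.slice(1));
  if (rawKey.length !== 32) throw new Error('fragment does not hold a 256-bit key');
  const { subtle } = await webCrypto();
  const key = await subtle.importKey('raw', rawKey, 'AES-GCM', false, ['decrypt']);
  const pt = await subtle.decrypt(
    { name: 'AES-GCM', iv: fromB64Url(record.iv) }, key, fromB64Url(record.ct));
  return new TextDecoder().decode(pt);
}

// Constructed sample secret and id.
async function demo() {
  const secret = 'constructed-db-password';
  const { upload, link } = await createShare(secret, 'abc123');
  const key = new URL(link).hash.slice(1);
  return {
    target: requestTarget(link),
    keyInUpload: JSON.stringify(upload).includes(key),
    opened: await openShare(link, upload),
    rejectedWithoutKey: await openShare(link.split('#')[0], upload).then(() => false, () => true),
  };
}
```

The key stays out of the HTTP request, but the full link still lands in browser history and in whatever channel carries it, which is why the view-count and expiry limits matter.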

Breach Scanner Security

WARDKEY checks your passwords against the Have I Been Pwned Pwned Passwords database using a k-anonymity model:

  1. Your password is hashed locally using SHA-1 via the Web Crypto API
  2. Only the first 5 characters of the hash (the prefix) are sent to the server
  3. The server queries the HIBP API with this prefix and returns all matching suffixes
  4. Your browser checks locally whether the full hash appears in the returned results

This means neither our server nor HIBP ever receives enough information to determine your actual password. The k-anonymity model is the industry standard approach used by 1Password, Firefox Monitor, and others.
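
The four steps above as an added example, not WARDKEY's own code. fetchRange is a hypothetical injected function standing in for the server call, and the range response is constructed so the check runs offline.

```javascript
// Added example, not WARDKEY's code. fetchRange is a hypothetical injected function.
const webCrypto = async () => globalThis.crypto ?? (await import('node:crypto')).webcrypto;

// Step 1: hash locally. Step 2: split off the 5-character prefix that is sent;
// the remaining 35 characters never leave the device.
async function splitHash(password) {
  const { subtle } = await webCrypto();
  const digest = await subtle.digest('SHA-1', new TextEncoder().encode(password));
  const hex = [...new Uint8Array(digest)]
    .map((b) => b.toString(16).padStart(2, '0')).join('').toUpperCase();
  return { prefix: hex.slice(0, 5), suffix: hex.slice(5) };
}

// Step 4: scan the returned "SUFFIX:COUNT" lines for the locally held suffix.
function breachCount(suffix, rangeBody) {
  for (const line of rangeBody.split(/\r?\n/)) {
    const [candidate, count] = line.trim().split(':');
    if (candidate && candidate.toUpperCase() === suffix) return Number.parseInt(count, 10) || 0;
  }
  return 0;
}

async function checkPassword(password, fetchRange) {
  const { prefix, suffix } = await splitHash(password);
  return breachCount(suffix, await fetchRange(prefix)); // only the prefix is passed out
}

// Constructed response for prefix 5BAA6. The middle line is the real suffix of
// SHA-1("password"); the counts and the other two suffixes are made up.
const SAMPLE_RANGE = [
  '0123456789ABCDEF0123456789ABCDEF012:7',
  '1E4C9B93F3F0682250B6CF8331B7EE68FD8:3',
  'FEDCBA9876543210FEDCBA9876543210FED:1',
].join('\r\n');

// Offline stand-in for the server call that records what was transmitted.
async function demo() {
  const sent = [];
  const fakeRange = async (prefix) => { sent.push(prefix); return SAMPLE_RANGE; };
  const listed = await checkPassword('password', fakeRange);
  const unlisted = await checkPassword('constructed-unlisted-passphrase', fakeRange);
  return { listed, unlisted, sent };
}
```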

Emergency Access Security

WARDKEY's emergency access feature allows you to designate trusted contacts who can request access to your vault:

  • Invitation: Emergency contacts receive an email invitation with a unique, cryptographically random token (24 bytes)
  • Email verification: The contact must log in with the same email address the invitation was sent to
  • Waiting period: When access is requested, you are notified and have a configurable waiting period (24 hours, 48 hours, or 7 days) to deny the request
  • Grantor control: You can approve access early, deny the request, or remove the contact at any time
  • No automatic vault transfer: Approval grants permission to request a vault export — your encrypted vault is not automatically shared

AI Feature Data Handling

WARDKEY offers optional AI-enhanced features (Password Analyzer, Security Report, Phishing Detector) that use Anthropic's Claude AI for analysis. When you activate these features:

  • Password Analyzer & Security Report: Anonymized vault metadata is sent — password strength scores, character class distributions, item counts, reuse counts, and age metrics. Your actual passwords, usernames, URLs, and vault item names are never sent.
  • Phishing Detector: The text or URL you paste is sent for analysis. Do not paste content containing passwords or sensitive credentials.
  • AI features are entirely optional — you can use WARDKEY without ever activating them
  • Data sent for AI analysis is processed by Anthropic's Claude and is not stored by Anthropic after processing
  • Free plan users receive 3 AI analyses per day; Pro users receive expanded limits

Vulnerability Disclosure

We take security seriously. If you discover a security vulnerability in WARDKEY, please report it responsibly:

  • Email: wardkey047@gmail.com
  • Include a detailed description of the vulnerability and steps to reproduce
  • Allow reasonable time for us to investigate and fix the issue before public disclosure
  • Do not access, modify, or delete other users' data

We are committed to working with security researchers and will acknowledge valid reports. We will not pursue legal action against researchers who follow responsible disclosure practices.

Compliance

Regulation | Status
GDPR (EU) | Designed for compliance — zero-knowledge vault encryption, data minimization, user rights honored
CCPA/CPRA (California) | Compliant — no data sales, user deletion rights, transparent practices
SOC 2 | Planned
HIPAA | Not currently HIPAA-certified; do not store protected health information

Open Questions?

Security is a conversation, not a checkbox. If you have questions about our security practices or want more technical details:

  • Email: wardkey047@gmail.com
  • Address: 444 Alaska Avenue, Suite #AHA780, Torrance, CA 90503, USA

© 2026 WARDKEY. Your passwords, your device, your rules.