SECURITY_LEVEL: MAXIMUM

Secure Vault

Military-grade protection for your Web3 assets. Your keys never leave your device.

Zero-Knowledge Architecture

Aura OS is built on a "local-first" principle. Unlike many Web3 tools that store encrypted blobs in the cloud, Aura OS treats your machine as the only source of truth. The vault is an encrypted database stored directly on your hardware.

No Cloud Storage

Keys are never uploaded, backed up, or synced to any remote server. If your computer isn't on, your keys aren't accessible.

Invisible Input

Aura uses Linux-style silent input for passwords. Nothing is echoed to the screen, preventing "shoulder surfing" attacks.

Encryption Details

AES-256-GCM

We use the industry-standard Advanced Encryption Standard with a 256-bit key in Galois/Counter Mode. This provides both confidentiality and data integrity (authentication).

Argon2 Key Derivation

Your master password isn't just used as-is. It's passed through a high-memory, high-CPU Argon2 function to derive the actual encryption key, making brute-force attacks extremely difficult.

Vault Life Cycle

vault_lifecycle.sh

01 # On initialization

02 Generate unique machine salt

03 Derive key from Master Password

04 # On command execution

05 Prompt for Master Password (Silent)

06 Load encrypted fragment into memory

07 Decrypt, Sign, then PURGE memory

Security Recommendation

"Use a long passphrase instead of a short password. Entropy is your best friend."
Never share your master password. Aura OS team will never ask for it.

← AI Interpreter All Commands →