The Vault supports multi-layer recovery:

• recovery key
• guardian signatures
• hardware seed phrase
• distributed secret sharing

Recovery does not expose attributes.

Only re-derives encryption keys and rotates control keys.

Backup & Restore (v0)

Backups must never leak plaintext or useful information.

A backup is:

{
  "vault_version": 1,
  "encrypted_master_key": "... optional ...",
  "items": [
    <encrypted_item>,
    <encrypted_item>,
    ...
  ]
}

Local Backup

Encrypted with:

• user password stretched with Argon2id
• plus a device secret

Cloud Backup (optional)

Encrypted with:

• user password (no server KMS)
• plus application secret baked into binary

Recovery Scheme Restore