The Livre Vault is the private storage environment of LIVRE OS.

It ensures that:

• user data never touches servers
• apps never see personal data
• proof generation happens privately
• keys remain under user control
• attributes, documents, certificates stay encrypted
• every action is user-authorized

This is the privacy engine of LIVRE OS.

It holds:

• encrypted private keys
• encrypted attribute values
• encrypted documents / certificates
• metadata needed to rebuild Merkle roots
• encrypted recovery material
• user secrets (optional)

The Vault can be:

• local (device)
• remote (self-hosted)
• hybrid (local + cloud sync)