Everything a reporter, reviewer, or researcher needs in one page.

THE STORY

What we built and why it is different

AppVault stores photos, videos, and documents in an AES-256-GCM encrypted container that does not appear in the iOS Photos app, in Spotlight, in iMessage attachments, in AirDrop suggestions, or in any third-party app with photo permission. Files inside the vault exist only as ciphertext on the device.

Three architectural choices separate AppVault from most apps in its category:

• No account, no servers. Most photo vault apps require an email registration and sync files through company-operated servers. AppVault has neither. There is no backend to subpoena, breach, or shut down.
• Hardware-bound key. The encryption key derived from the user's pattern is wrapped by a key generated inside the iPhone Secure Enclave. The Enclave key never leaves the chip. A copy of the encrypted vault lifted to a different iPhone will not decrypt even with the correct pattern.
• Calculator Launcher. AppVault can present on the home screen as a fully functional iOS calculator. A long-press on the equals key followed by the pattern opens the vault. The calculator does arithmetic — it is not a façade. Approved under Apple guideline 4.3 for alternate icons.

What we deliberately do not do

AppVault has no password reset, no support tool that can recover a forgotten pattern, no advertising, no third-party analytics SDKs, no telemetry, and no automatic cloud upload. These are not roadmap items. They are architectural commitments. The cost is that a forgotten pattern (without the optional written recovery passphrase) renders the vault permanently sealed. We accept that cost because every photo-vault breach since 2014 has happened through the recovery surface, not the cryptography.

Cryptographic stack — for security writers

Every claim on this site links to a primary source. The stack:

• Cipher: AES-256-GCM per file with a unique 96-bit nonce — NIST FIPS 197 + RFC 5116
• Key derivation: PBKDF2-SHA256, 600,000 iterations, per-install 128-bit salt — OWASP 2026 recommendation
• Hardware binding: Apple Secure Enclave wraps the PBKDF2 output — Apple Platform Security guide
• Catalog: encrypted with the same key as files. An attacker with raw flash access cannot enumerate files.
• Network: zero calls by default. Encrypted iCloud Backup is opt-in and client-side encrypted before upload.

The full technical writeup with threat model and audit status lives at appvau.lt/security. We are happy to walk reviewers through the implementation; email [email protected].

BRAND ASSETS

Logo, name, color, voice

AppVault is one word, two capitals: AppVault. Not "App Vault", not "Appvault", not "appvault". The lowercase form for URLs is appvau.lt.

The wordmark uses Fraunces at a medium weight. The lock symbol that pairs with it is a circular target with two crosshair tick marks in brass (#c9a961) on ink black (#0a0a0a). The cream paper background is #f5f1e8.

Brand assets in SVG and PNG, plus a one-page editorial photography pack, are available on request. Email [email protected] with a one-line subject and we will send a Dropbox link within a business day.

What we ask of writers

Two requests, both reasonable.

Verify the cryptographic claims before publishing them. Every claim on this site links to a primary source. We are happy to provide additional detail on request, including a walkthrough of the wrapping code, but we ask that reviewers confirm independently rather than restating our copy verbatim.

Do not frame Calculator/Decoy features as deception tools. The features exist for shared-device privacy, customs travel, journalism, legal practice, and medical confidentiality. Framing them as ways to "hide from your spouse" or "trick someone" is inaccurate and harms our App Review standing. We will provide quotes about the actual use cases on request.