About KeysArk
KeysArk is an open-source, free, end-to-end encrypted vault for your passwords, keys, and secret text. Instead of trusting a vendor's database with your secrets, KeysArk encrypts everything in your browser and stores the ciphertext in a cloud drive you already own.
The principle: you hold the only key
Encryption and decryption happen only in your browser, with a key derived from a BIP39 recovery phrase that never leaves your device. Our server and your cloud drive only ever handle opaque ciphertext — a breach of either reveals nothing.
How it works
- Write down a 24-word BIP39 recovery phrase — it is your master key.
- The phrase derives an AES-256 key locally, right in the browser.
- Your content is sealed with
AES-256-GCMbefore anything leaves the device. - The ciphertext is stored in your own Google Drive or Baidu netdisk.
Open source and free
There are no accounts to buy and no subscription. The whole stack is public, so you can audit the cryptography line by line, or run your own instance. We never touch your storage and never charge you.
Who it's for
Developers stashing .env files and API keys, and anyone who wants genuine self-custody of their secrets — without handing the keys to a third party.
Get involved
KeysArk is open source. Read the code, audit the encryption, file issues, and send pull requests — links are in the header and footer.