at rest
the hard question
What happens when
they come for us?
worst case
Your secret vendor gets breached.
stillvault cloud · db dump
● breached
prod/db-primary
████████████████
prod/stripe-key
██████████████
prod/root-ca
█████████████████
org/acme/key
████████████
Every row is ciphertext.
The keys were never here.
the legal case
A subpoena demands your keys.
SUBPOENA · DUCES TECUM
▸ produce decryption keys for
org=acme, all secrets
▸ produce plaintext of
prod/db-primary
we have none to produce
where your keys actually live
Born and dying inside your approver's phone.
secure hardware
WebAuthn PRF · Secure Enclave
unwrap key
derived here,
never exported
the only way in
A live human, behind a biometric.
release request
prod/db-primary
Countersign
countersigned · plaintext lives only in your app, for one use
Breach us.
Subpoena us.
You get ciphertext.
stillvault
stillvault.ai