VaultBridge

    VAULTBRIDGE

    Secure File Sharing

    VAULTBRIDGE
    Effective Immediately

    Privacy Protocol

    Security Level: Zero-Knowledge

    1. The Core Axiom


    We cannot disclose what we do not know.


    VaultBridge is architected to be "blind." We strictly limit our technical capability to collect data. If a government agency, hacker, or alien civilization demanded your data, we could only offer them encrypted static—mathematical noise that is useless without the keys held exclusively in your volatile memory.


    2. Live Clipboard Specifics


    When utilizing the Universal Live Clipboard feature:


  1. Transient State: Data is treated as a WebSocket "stream." It flows through our volatile memory (RAM) only to route it to your other devices.
  2. Encryption Layer: Content is wrapped in AES-256-GCM client-side. The server sees only the encrypted blob and the routing metadata.
  3. Persistence: Unlike Vault files, Clipboard data is NEVER written to disk. It vanishes instantly upon session termination or server restart.
  4. Termination: The "Burn" or "Terminate" command executes a cryptographic erase of your session keys locally and force-closes the server connection.

    5. 3. Data Collection Manifesto


    What We Collect (The Minimum Viable)

  5. Encrypted Blobs: The AES-256 encrypted binary data.
  6. Routing IDs (Partial Keys): We see the first 3 digits of your Access Code to route traffic. We DO NOT see the full 6-digit PIN used for decryption.
  7. Ephemeral Metadata: File size, upload timestamp, and expiration timer (TTL).
  8. Access Logs: IP addresses are logged for 24 hours strictly for DDoS mitigation and abuse prevention, then sanitized.

    9. Storage Architecture

  9. Multi-Cloud Redundancy: Encrypted blobs are distributed across Cloudflare R2 (Primary) and Supabase Storage (Secondary). We hold no keys for either.
  10. Memory-Only Mode: During database outages, the system fails over to volatile RAM. Metadata stored in this state is lost instantly upon server restart.

    11. What We DO NOT Collect

  11. Your Decryption Keys: The full 6-digit PIN never leaves your device. Even when sharing via QR Codes or direct links, the PIN is passed exclusively via URL hash fragments (#code), ensuring it is completely invisible to our servers and network logs.
  12. Your Content: Streaming decryption ensures even large files are never realized on our server's disk in plaintext.
  13. Lost Codes / PINs: We offer absolutely no code recovery options. If you lose your 6-digit access PIN, your encrypted data is permanently inaccessible. We cannot recover it for you because we never had it to begin with.
  14. Your Identity: No accounts. No emails.
  15. Analytics: No Google Analytics. No Facebook Pixels. No tracking cookies.

    16. 4. Infrastructure


    Our servers act as a blind courier. They take a locked briefcase (your encrypted data) from Point A and hand it to Point B. They do not have the key to the briefcase, nor do they care what is inside.


  16. Hardware-Accelerated Edge Loading: We use dynamic ultra-fast edge loading with native splash screens to minimize time-to-interact to near zero milliseconds. No data rests in these edge caches.
  17. Adaptive Streaming: Large files are piped directly to your browser without caching fully on our side.
  18. Volatile Fallback: We maintain a "break-glass" in-memory database that activates automatically if our primary storage goes dark, ensuring uptime without persistence.