Skip to content

UnoLock VaultX

Overview

UnoLock VaultX is the Receive Address + Drop Client system for anonymous, high-risk messaging. A recipient creates a Receive Address inside their Safe and shares it (or a shareable URL). Anyone can use the VaultX Drop Client to send encrypted messages and files to that address without creating an account. It is built for moments where identity exposure is the threat and silence is survival.

VaultX is built for first-contact scenarios -- whistleblowing, legal intake, investigative tips, and sensitive disclosures where minimizing metadata is the difference between safety and exposure.

How It Works

  • Receiver creates a Receive Address: each address has its own keypair and policy controls.
  • Share the address or URL: the shareable link opens the VaultX Drop Client with the address prefilled.
  • Sender message: optional public note shown to the sender before they submit.
  • Sender uses the Drop Client: no login required; the client encrypts locally and uploads the sealed payload.
  • Hashed addressing: the Receive Address is hashed client-side and sent as vaultxAddressHash.
  • Recipient decrypts in Messaging: VaultX drops appear in the Safe's messaging inbox and are decrypted client-side.

Security Implications

  • No account required: senders do not need a Safe to deliver a message.
  • Address privacy: the server never receives raw Receive Addresses, only hashes.
  • Per-address keys: each Receive Address isolates risk to a single conversation stream.
  • Policy controls: enforce usage limits, throttling, and attachment rules per address.
  • Optional extra anonymity: access the Drop Client via Tor for additional network privacy.

Use Cases

  • Whistleblowing and tips: enable anonymous submissions without creating accounts.
  • Legal and journalism intake: publish a single-use or rate-limited Receive Address for sensitive sources.
  • High-risk one-off exchanges: rotate addresses after a short window to reduce exposure.

Why It Matters

VaultX makes anonymous first contact practical. It reduces setup friction for senders, keeps raw addresses off the server, and gives recipients real control over exposure with per-address limits and throttles. In short: it lets truth reach you without leaving a trail.

FAQs

Do I need a Safe to send a VaultX message?

No. The VaultX Drop Client is designed for anonymous senders who do not have a Safe.

What is a Receive Address?

A Receive Address is a shareable VaultX address with its own keypair and policy limits. The server stores only the hashed version.

Can I revoke or rotate an address?

Yes. Receive Addresses can be disabled or deleted at any time to prevent new messages.

Compliance & Privacy Regulations

  • GDPR Alignment: VaultX avoids storing raw sender identities and keeps content client-side encrypted.

Integration with Other Features

  • Post-Quantum Encryption: ML-KEM-1024 + AES-256-GCM protect VaultX payloads against future cryptographic threats.
  • Threat Detection: Runtime monitoring helps detect tampering in the Drop Client and Safe workflows.

Back to Features Overview