Skip to content

Vault Messaging Security

Overview

Vault Messaging Security describes the protection model behind UnoLock's address-based messaging. It supports legacy Safe-to-Safe (EyesOnly) and Receive Address (VaultX) flows, with per-address keys, policy controls, and reply-only protections for Free and Inheritance tiers. The design goal is simple: minimize metadata, maximize compartmentalization, and keep trust boundaries tight.\n+\n+In short, it is zero-knowledge by design and ruthless about limiting relationship graphs.

How It Works

  • Hashed Receive Addresses: Receive Addresses are hashed client-side and sent as vaultxAddressHash, keeping raw addresses off the server.
  • Client-side encryption: Messages are encrypted locally with ML-KEM-1024 + AES-256-GCM before upload.
  • Per-address keys: Each Receive Address has its own keypair to limit blast radius.
  • Reply-only binding: Reply addresses are bound to a specific sender to prevent reuse or abuse.
  • Anonymous intake: External senders can use the VaultX Drop Client without creating a Safe.
  • Policy enforcement: usage limits and throttles reduce abuse and flooding at the address level.

Security Implications

  • Metadata hardening: Servers route encrypted payloads and see only hashed addresses for Receive Address flows.
  • Compartmentalization: Compromising one address does not expose other conversations.
  • Tier separation: Sovereign/HighRisk can create Receive Addresses; Free/Inheritance can receive and reply via bound addresses.

Use Cases

  • Secure coordination: Two-way messaging between trusted Safes with address-based compartmentalization.
  • Anonymous intake: Receive tips or disclosures via a shareable Receive Address link.
  • Controlled exposure: Use short-lived or rate-limited addresses for high-risk interactions.

FAQs

Can UnoLock read Vault messages?

No. Messages are encrypted client-side and decrypted only inside the recipient's Safe.

How are Receive Addresses protected?

Receive Addresses are hashed on the client, and each address has its own keypair and policy controls.

Can Free tier users send new messages?

Free and Inheritance tiers can receive and reply using bound reply-only addresses, but cannot create new Receive Addresses.

Compliance & Privacy Regulations

  • GDPR Alignment: Vault Messaging avoids storing raw recipient addresses and keeps content client-side encrypted.

Integration with Other Features

  • Post-Quantum Encryption Security: ML-KEM-1024 + AES-256-GCM protect message confidentiality.
  • Threat Detection: Runtime monitoring helps detect tampering during sensitive messaging flows.

Back to Security Overview