Per-vault keys, AES-256-GCM
Everything stored is sealed with AES-256-GCM (Apple CryptoKit), authenticated encryption that protects both confidentiality and integrity.
Biometric vaults: each vault gets its own P-256 key generated inside the device’s Secure Enclave. The private key never leaves the chip and is released only after Face ID / Touch ID, it’s a hardware boundary, not a software check that can be bypassed.
Hidden vaults: there’s no stored key at all. The key is derived from your map spot plus a passphrase using Argon2id (a slow, memory-hard function) mixed with a device-bound secret, so a wrong spot or passphrase simply won’t decrypt, and a copied vault can’t be attacked off the device.
See the technical details for the full construction.