Vault Encryption Format
Written by Russo β’ Updated: July 2025
Locanox uses a custom vault format designed for offline-first security. The .locavault file is an encrypted container that stores your AI memory, private keys, encrypted files, notes, preferences, and all relevant session data, all locked behind a single passphrase that only you control.
This format ensures that your data remains intact and completely private, whether youβre offline or using Private Online Mode. Nothing inside the vault is accessible to Locanox itself, and there is no recovery system. Only you can decrypt and manage your vault.
The encryption is handled locally using modern standards like AES-256-GCM combined with memory-hard key derivation functions such as Argon2. This makes brute-force and offline attacks highly impractical, even if the vault file is stolen. Everything is sandboxed: no temporary files, no sync, no leak.
π Vault Structure Overview
The .locavault file contains several encrypted compartments:
β’ wallet.key β Your locally generated private keys
Stores all wallet private keys and seed phrases in encrypted format.
β’ memory.ai β Encrypted AI memory (queries, context)
Contains your AI conversation history and learned preferences.
β’ files.enc β Files, notes, and any encrypted uploads
Encrypted storage for documents, notes, and uploaded files.
β’ prefs.json β Local app preferences/settings
Your application settings and configuration data.
β’ vault.meta β Metadata like version, timestamps, etc.
File format version and creation/modification timestamps.
Security Features
The vault encryption system provides:
- AES-256-GCM Encryption: Military-grade encryption for all data compartments
- Argon2 Key Derivation: Memory-hard function that resists brute-force attacks
- Single Passphrase: One master password unlocks your entire vault
- No Recovery System: Complete user control with no backdoors or recovery options
- Portable Format: Can be backed up manually via USB, SD card, or QR code
The vault is portable, exportable, and can be backed up manually, giving you complete control over your data without any cloud dependencies or external recovery mechanisms.