ZeroBit Vault
Your secrets are encrypted with a key that does not exist until an attacker tries to read it. Then it briefly exists.
ZeroBit Vault is a secrets management platform whose encryption keys exist in a state of pre-creation until accessed. When an attacker attempts to retrieve your secret, the key is generated, used to encrypt the response, and immediately destroyed. The legitimate user receives the secret in plaintext, somehow.
Capabilities
What it does. Or appears to do.
/feature/01
Quantum key generation
Keys are generated from quantum noise, attacker frustration, and a small entropy contribution from our intern's playlist.
/feature/02
Just-in-time decryption
Decryption happens at the moment of access, then the laws of physics are restored.
/feature/03
Audit log
Every access is logged. The log is also encrypted with a key that does not exist.
Spec sheet
By the numbers (unverified).
| Encryption | AES-256-MAYBE |
| Key entropy | Yes |
| Compliance | SOC 2, HIPAA, FedRAMP-curious |
| Pricing | From $400 / month per vault. |
Customer outcomes
Statements made by people, allegedly.
“We have not been breached because the attackers cannot find the surface.”
S. Vega
SRE · Lumon
Frequently entangled questions
Things people have asked, in some branch.
What if I forget my master password?+
We forget it too. The vault becomes a closed system.
Is this just hashing with extra steps?+
No. The extra steps are what make it work.
◇ Ready to deploy?
Bring ZeroBit Vault into your stack.
Or don't. The product will continue to exist either way, in some form, somewhere.