EN DE
VeilVault Logo

Documentation

These docs explain VeilVault’s security boundaries, threat model, feature behavior, and permissions — in plain language, with explicit limits.

← Back to VeilVault

VeilVault documentation

VeilVault is a security-first, offline-only password vault developed by CodeVeil.

Your vault exists only on your device.
There are no accounts, no cloud sync, and no servers involved at any point.

VeilVault is designed for users who value control, privacy, and clear security boundaries over convenience features like cross-device access or password recovery.

What VeilVault is
  • A password manager that stores all vault data locally on the device
  • Fully functional without any network connection
  • Protected by a master password you control
  • Optional biometric unlock for convenience (never a replacement)
  • A one-time purchase with no subscriptions

You own your data. You are responsible for your access.

Orientation
What VeilVault is not

VeilVault intentionally does not provide:

  • Cloud sync or online backups
  • Accounts or identity-based recovery
  • Password reset or “forgot password” flows
  • Web access or browser extensions
  • Server-side storage of any kind

If you forget your master password, your vault cannot be recovered.

This is not a limitation. It is a deliberate design choice.

Boundaries

Start here

If you read only three pages, make it these. They define what VeilVault guarantees — and what it explicitly does not.

Security Model
What VeilVault guarantees and why those boundaries exist.
Core
Threat Model
What VeilVault protects against — and what it cannot.
Core
Limitations
Hard limits, failure modes, and the trade-offs you accept.
Core

Offline-only by design

VeilVault does not require internet access to function.

What that means
  • No data is transmitted off-device
  • No analytics or tracking services are used
  • No background network activity occurs

All encryption, unlocking, and data handling happen locally.

Offline
Security philosophy

VeilVault follows three core principles:

  1. Security over convenience
  2. Explicit user control over automation
  3. Clear, documented limitations instead of hidden assumptions

The app avoids silent behavior and favors predictable, user-approved actions.

Principles

Feature docs

Each feature is documented with its behavior and limits. If something sounds “too convenient to be safe,” the docs say so.

Autofill
How autofill works and what VeilVault does (and doesn’t) auto-do.
Feature
Password Generator
Local, ephemeral generation — nothing is saved unless you explicitly do it.
Feature
Biometric Unlock
Convenience gate. Never a replacement. Revoked for safety when needed.
Feature
Insights
Local-only overview: reuse, weak passwords, and vault stats.
Feature
Decoy Vault
Risk reduction under coercion — not deniability, not invisibility.
Feature
PanicHold
Fast conceal + lock behavior under pressure.
Feature

Privacy & permissions

VeilVault is offline-only and does not run tracking or analytics. This page documents what permissions exist and why.

Privacy & permissions
What VeilVault requests and what it never does.
Policy

← Back to VeilVault