How Lastkey keeps your vault private and what data we store.
Lastkey is designed to be zero-knowledge: your vault content is encrypted on your device before it is uploaded.
Your vault master key is split into three shares (2-of-3 required):
No single system can decrypt your vault by itself.
Invite links include a fragment key after the # symbol. Browsers do not send fragments to the server, so the key stays in the user's browser and never hits backend logs.
For deeper detail, visit the full Security overview.
Need more detail? Browse security or longer guides.