Security Designed for Sensitive Digital Legacy Content

How Legyra protects vault content with client-side encryption, device-held keys, and privacy-first release controls.

Client-Side Encrypted Vault Content

Vault content is encrypted before it reaches Legyra.

Your vault content is encrypted on your device using locally protected key material. Legyra stores encrypted vault payloads and service records needed to operate accounts, contacts, subscriptions, and release workflows. Some account or operational metadata may be processed to run the service, but sensitive vault content is not stored as readable plaintext on our servers.

Your Device

Vault content is encrypted and decrypted locally.

Our Servers

Encrypted vault payloads and service records.

Encrypted Data (What we see)

7f4a9c2e1b8d6f3a5c7e9b4d2f6a8c1e3b5d7f9a2c4e6b8d1f3a5c7e9b2d4f6a8c
3e5b7d9f1a3c5e7b9d2f4a6c8e1b3d5f7a9c2e4b6d8f1a3c5e7b9d2f4a6c8e1b
9b2d4f6a8c1e3b5d7f9a2c4e6b8d1f3a5c7e9b2d4f6a8c1e3b5d7f9a2c4e6b8d

Device-Held Security

Your device and PIN work together.

Device Key Material

Key material is protected on your device where supported

Vault PIN

A private code used locally to unlock your vault

The vault key is derived and protected on the device using your vault PIN and local key material. This raises the bar for remote attackers, but no security model is absolute; you should still protect your device, PIN, and backups.

Emergency Access Safeguards

Designed for high-pressure scenarios.

Legyra includes duress-aware controls in the backend and app architecture. Availability of the mobile duress flow depends on current app configuration; when enabled, it is intended to reduce exposure of real vault content and help trusted contacts understand a potential emergency.

Normal unlock: opens your actual vault content.

Emergency path: limits exposure where the flow is enabled.

Layers of Defense

Comprehensive security at every level.

1

AES-256-GCM Vault Content Encryption

2

Local Key Derivation and Protected Key Storage

3

SSL/TLS Transit Encryption

4

Biometric Authentication Support

5

Security Review and Monitoring

What Legyra Can and Cannot Access

Cannot

  • Read your encrypted vault content without the user-held key
  • Recover or reset your vault PIN for you
  • Sell readable vault secrets to advertisers
  • Hand over plaintext vault content we do not possess

Can Do

  • Store encrypted vault payloads and service records needed to run Legyra
  • Operate account, contact, subscription, and release workflows
  • Respond to lawful or support requests using data available to the service