Last updated: March 19, 2026
ZeroKeys is a non-custodial Bitcoin multisig coordinator. Privacy is foundational to our design — not an afterthought. This policy explains what data we collect (very little), what we don't collect (everything else), and why.
When using ZeroKeys in local-only mode, all data stays on your device. Your encrypted vault is stored in IndexedDB within your browser. No data is sent to any server. Network requests go only to user-configured Bitcoin nodes (Electrum or Bitcoin Core RPC) for blockchain queries.
If you opt into cloud sync, your encrypted vault payload is stored on our Supabase infrastructure. This payload is encrypted with AES-256-GCM before it leaves your device — the server stores opaque ciphertext and cannot read, modify, or forge your wallet data.
Cloud sync requires a Supabase account. We store only the minimum account data needed for authentication (a derived identifier and encrypted payload). We do not store your passphrase.
All wallet data at rest — extended public keys, labels, derivation paths, cosigner information, addresses, UTXOs, and settings — is encrypted as a single AES-256-GCM payload using PBKDF2 key derivation with 600,000 iterations. The encryption key exists only in memory while the vault is unlocked and is never written to disk or transmitted.
ZeroKeys is open source. You can audit the entire codebase to verify these claims at github.com/Joaofcm/zerokeys.
We may update this policy as ZeroKeys evolves. Material changes will be communicated through the application and on this page. The “last updated” date at the top reflects the most recent revision.
Questions about this policy? Open an issue on GitHub.