Fractir
Secure vault storage using distributed key shares.
No single point of compromise.
Fully local. Fully offline.
What is Fractir?
Fractir creates an encrypted vault file that stores your data securely and locally. The vault is protected by a cryptographic key that is never stored in one place.
Using threshold secret sharing, the encryption key is split into multiple independent shares. Only a defined minimum number of shares can reconstruct the original key and unlock the vault.
No cloud. No central authority. No single point of failure.
Traditional Vault
A single key protects the entire vault. If the key is compromised, all data is exposed.
Fractir Vault
The vault key is split into multiple independent shares. Only the required threshold can reconstruct the key.
How It Works
Select data to encrypt
Select any files you want to protect. The files will be encrypted within a single vault file that can be saved and shared.
Split the key into Shares
Choose the number of shares and the threshold required to reconstruct the key.
Store Shares Securely
Each share can be stored separately for maximum security. A share is useless on its own.
Recover
Combine the required threshold of shares to restore the original key and unlock the vault.
Security & Architecture
Fractir performs all cryptographic operations locally. No keys are transmitted, stored remotely, or escrowed.
Modern Authenticated Encryption
Files are encrypted using XChaCha20-Poly1305 (IETF), providing authenticated encryption with extended nonces. Each file receives a unique random nonce.
Threshold Secret Sharing
The encryption key is split using Shamir’s Secret Sharing. Any defined threshold (t of n) can reconstruct the key, while fewer than t shares reveal no information.
Local-Only Architecture
Encryption, key splitting, and reconstruction occur entirely on-device. Fractir does not require internet access and performs no telemetry.
Exact Key Recovery
When the required number of shares are combined, the original encryption key is restored exactly. There is no approximation or partial recovery.
Comparison
FRACTIR
Local threshold encryption
CLOUD STORAGE
Google Drive, Dropbox
PASSWORD MANAGERS
1Password, Bitwarden
TRADITIONAL ENCRYPTION
VeraCrypt
Use Cases
Personal / Family Safeguards
Create shared control over sensitive personal files. For example, two or more family members must both approve before accessing legal documents, inheritance files, passwords, or private archives.
Shared Access Control (2-of-2 or 2-of-3 unlock)
Require multiple keys to unlock sensitive files. For example, two partners must both use their keys before financial records open. No single person can access the data alone. Perfect for shared ownership, co-founders, or joint decision-making environments
Crypto / Asset Custody
Store wallet backups or financial records securely, requiring multiple keys to access. Store keys in multiple locations for redundancy and security. Even if one key is compromised, the data remains secure.
High-Security Environments
Implement a digital equivalent of the nuclear "two-person rule". Require two or more keys before unlocking highly sensitive digital assets. Suitable for high-security scenarios.
Engineering & Research Teams
Secure propietary designs, firmware tools, or simulation data so that they require multiple team leads to unlock. For example, two senior engineers must be present to access sensitive R&D materials. Especially relevant for offline labs or secure facilities.
Frequently Asked Questions
What happens if I lose some key shares?
If fewer than the required threshold (t) remain available, the original encryption key cannot be reconstructed and the data cannot be recovered.
Fractir is designed to remove single points of failure - but that also means recovery depends on meeting the defined threshold. Shares should be distributed carefully.
Can fewer than t shares reveal partial information?
No.
Fractir uses Shamir’s Secret Sharing. Any number of shares below the defined threshold reveals no information about the original key and can not unlock the vault.
Does Fractir require an internet connection?
No.
All encryption, key splitting, and recovery occur locally on your device. Fractir does not require online accounts or servers to function.
Is my encryption key ever uploaded or stored remotely?
No.
Encryption keys are generated locally and split into shares locally. Fractir does not perform key escrow or remote storage.
What encryption does Fractir use?
Files are encrypted using XChaCha20-Poly1305 (IETF) via libsodium, providing authenticated encryption with extended nonces.
Each file receives a unique random nonce.
How is Fractir different from a password manager like 1Password?
Password managers such as 1Password or Bitwarden rely on account-based access and central service infrastructure.
Fractir distributes cryptographic key shares directly. Recovery depends on collaboration between share holders rather than account recovery.
How does digital legacy work with Fractir?
You can distribute key shares to trusted individuals - for example family members, business partners, or a legal representative.
When the defined threshold is met, the original key can be reconstructed and the encrypted data accessed - without requiring access to an online account.
Can I give one share to a lawyer?
Yes.
Shares are independent. You can distribute them in any combination that fits your recovery model - including assigning one to a solicitor or executor.
What happens if Fractir is no longer maintained?
Encrypted files and shares remain usable.
As long as the required shares are available, the data can still be recovered. Fractir does not rely on a hosted service remaining operational.
