Vaulto: Privacy-First Secure File Storage & Sharing App

In an era where "the cloud" is simply someone else's computer, privacy has become an afterthought. Vaulto was engineered to return total data sovereignty to the user. It’s a secure file storage and sharing ecosystem where privacy is not an opt-in feature, but the foundational default.

Most people store their most sensitive assets—passports, contracts, and medical records—in environments where the provider holds the keys. This creates a massive single point of failure. If the provider is breached, the user is exposed.

The objective: Build a "Zero-Knowledge" system that:

Removes the platform's ability to see user data.

Simplifies complex cryptographic workflows into a seamless UX.

Guarantees security even if the physical device is compromised.

I designed and developed Vaulto with a focus on Local-First Security. By moving the encryption heavy-lifting to the client side, we ensured that the cloud only ever sees "noise," never the data.

Utilizing AES-256 encryption, Vaulto locks files on the user's device before the upload process begins. This ensures that even in the event of a server-side breach, the data remains mathematically impossible to decrypt without the user's local key.

Traditional sharing creates permanent copies. Vaulto uses cryptographic links and QR codes that grant temporary viewing rights. As the owner, you can "kill" a link instantly, effectively wiping the recipient's ability to view the file in real-time.

Security is often invisible, which can lead to user anxiety. I designed a "Glass Box" interface—using subtle animations and status indicators—to show the user exactly when their file is being "armored" (encrypted) and "shredded" (deleted locally after upload).

Design: Figma

Engine: Kotlin & Android Native for high-performance, on-device processing.

Backend: Firebase & Google Cloud for scalable, encrypted storage.

Privacy Layers: Integrated Biometric Auth, Screenshot Blocking, and Screen-Recording Protection.

Vaulto proves that "High Security" doesn't have to mean "High Friction." By automating the encryption layer and focusing on a clean, intuitive mobile experience, I transformed a complex cybersecurity tool into a daily-use productivity app.

Infrastructure over Intent: Privacy is guaranteed by the code, not the company's policy.

User Sovereignty: Users maintain 100% ownership of their digital footprint.

Obsessive Detail: From the way the "Locked" icon feels to the speed of the local encryption, every detail reinforces the brand's core value: Safety.