Security Architecture

Vult is designed with security at its core. Our air-gapped architecture provides defense-in-depth protection for your sensitive documents.

Air-Gap Technology

The application operates completely offline. No network connections are required or made during normal operation. This eliminates entire categories of attack vectors including:

  • Man-in-the-middle attacks
  • Data exfiltration via network
  • Remote exploitation
  • Cloud provider breaches

Encryption

All data at rest is encrypted using industry-standard algorithms:

  • AES-256-GCM for document encryption
  • Argon2id for password hashing (128 MiB memory, 4 iterations)
  • SQLCipher for database encryption
  • Secure key derivation from master password

Local AI Processing

All AI inference runs locally using open-source models. Your prompts and responses never leave your device. We use:

  • Qwen3 models for language understanding
  • BGE-M3 for document embeddings
  • FlashRank for intelligent reranking

Compliance

Our architecture supports compliance with major regulatory frameworks:

GDPR

Full data sovereignty, right to erasure, data portability

SOC 2

Security, availability, confidentiality controls

ISO 27001

Information security management system

EU AI Act

Transparency, human oversight, risk assessment

Security Audits

Our codebase is open source and available for security review. We welcome responsible disclosure of any vulnerabilities.

Report a Vulnerability

Security researchers can contact us at: security@vult.chat