the password manager
that can't read your data.
Sign in with your OrangeCheck identity: a Bitcoin wallet (BIP-322) or an email one-time code. Every entry is sealed in your browser under a vault key that only your wallet can unwrap, so there is no master password on our servers to phish and no recovery backdoor to subpoena. Every entry exports as a portable .lock envelope you can decrypt locally even if vault.ochk.io disappears tomorrow.
eight entry types. every secret you actually have.
Each entry is a self-contained, AES-256-GCM-encrypted blob sealed to your wallet. The vault doesn't care what's inside; only your wallet can read it. Mix and match — there's no per-entry-type quota.
Username, password, URL, notes. Generate a 24-character password in two clicks. Copy with one. No browser extension required — the dashboard is the autofill.
Paste a base32 secret or an `otpauth://` URI. The 6-digit code rotates every 30 seconds and is visible in the list view at a glance. Survives phone loss; never sees a Google or Authy cloud. One trade-off to weigh: a TOTP seed stored next to the password it protects means both factors fall to whoever unlocks that one entry, so decide per account whether the convenience is worth it.
Never paste your `OPENAI_API_KEY` into a browser tab again. Never email a Stripe live key to a coworker. Never leave your AWS access key sitting in shell history. Keys pull into your terminal via the CLI and are never typed into the URL bar.
Cardholder, number, expiry, CVV, PIN, billing ZIP. The list view shows only the last four digits; the rest stays sealed until you reveal it. Copy the number with one click and the clipboard self-wipes 30 seconds later. (OS clipboard-history and cloud-clipboard features can still retain a copy; turn them off on any machine you use for this.)
Name, email, phone, company, address — the block of personal data every checkout and signup asks for. Kept in one encrypted entry instead of scattered across a dozen browser autofill profiles you do not control.
Every service emits a wall of 8-character recovery codes that are "important — save these somewhere safe." This is somewhere safe. Sealed to your wallet, addressable from any browser you sign in from, gone after one share.
Anything you would type into a Note app, but encrypted at rest under a key only your wallet produces. Anyone holding your wallet seed can decrypt it anywhere with the open SDK, and that is the entire access policy: heirs and thieves alike.
Up to ~1 MB of binary payload per entry. The file becomes ciphertext on disk and stays ciphertext in transit. Export, decrypt, restore — anywhere with the SDK and your wallet.
Bitcoin (or any cryptocurrency) seed phrases. The whole point of self-custody is that the seed never touches a connected device. Put your seed on metal — Coldcard tap-seed, Seedplate, Steelplate, Bitkey, Hodlr, Cobo Tablet, hand-stamped washers — and keep it in a safe. The vault supports a "seed phrase" entry type only for edge cases (BIP-39 passphrases that are NOT the full seed, non-Bitcoin recovery phrases, etc.). We will not market vault as "the place for your seed," and you should not treat it as one.
> If you came here to store a Bitcoin seed: please don't. Go here first. Software is the wrong layer.
> Every entry is sealed client-side with AES-256-GCM under a vault key your browser holds. OC sees ciphertext only. Lose the cloud → your local copy keeps working. Lose your wallet → no recovery, by design.
four steps. one wallet. zero accounts.
OC Vault uses Flow 4 of the open OC Lock protocol — the "self-vault" pattern. You're the sender, the recipient, and the verifier. OC is only a ciphertext relay. The cryptographic contract is the product contract.
- [01]
connect
Open vault.ochk.io and sign in to your OrangeCheck identity — a single BIP-322 signature from a Bitcoin wallet, or an email one-time code. No password to choose, no second account to create.
- [02]
add a secret
Password, seed phrase, TOTP seed, API key, secure note, or small file. The browser seals it client-side as a portable .lock envelope. Plaintext never leaves your tab.
- [03]
sync or export
Free: store locally in IndexedDB, or point at your own Nostr relay / HTTP blob URL. Paid: 7,000 sats / month or 70,000 sats / year over Lightning for vault.ochk.io cloud sync — one OrangeCheck identity, prepaid, no card on file.
- [04]
unlock anywhere
Any browser, any device. Re-sign the BIP-322 challenge with the same wallet and your device key unwraps the envelope. Lose the cloud? @orangecheck/lock-core from npm decrypts your exports forever.
every other vault asks you to
trust their company to hold
the master key.
OC Vault seals every entry in your browser under a vault key that only your wallet signature can unwrap. There is no plaintext on our servers to breach. There is no proprietary export format to escape from. The cryptographic contract, "only the holder of the wallet can decrypt", is the product contract.
| system | account | master password | recovery | export format | payment | breach exposure |
|---|---|---|---|---|---|---|
| 1Password | required | yes (KDF-protected, mixed with a 128-bit Secret Key) | recovery kit + secret key | proprietary 1pux (csv also offered) | card · subscription | okta support-system incident (2023) |
| Bitwarden | required | yes (KDF-protected) | emergency access | json or csv (cleartext) · password-encrypted json | card · subscription (free tier) | ciphertext + verifier; weak master passwords brute-forceable offline |
| LastPass | required | yes (KDF, weak iteration counts on older accounts) | account-recovery flow | csv (cleartext) | card · subscription | encrypted vault backups exfiltrated (2022), exposed to offline brute force |
| Apple iCloud Keychain | apple id required | device passcode | apple-mediated escrow (hsm, passcode-gated) | csv (passwords app / safari) | bundled w/ icloud | end-to-end encrypted; not readable by apple |
| self-hosted KeePassXC | none | yes (file passphrase, optional key file) | you keep the file | kdbx (open) | free · self-managed | only what you leak |
| oc vault | none (wallet is identity) | none (BIP-322 sign-on) | your wallet | .lock envelope (open) | sats · lightning · no card on file | ciphertext only; no password to brute-force |
> Breach references are public-record incidents at the named vendors. "Ciphertext only" for OC Vault means an attacker with full access to vault.ochk.io's database recovers ciphertext and nothing else: there is no password-derived key to brute-force offline, no recovery kit, and no plaintext path that does not require the user's wallet. That covers data at rest; it does not cover a compromised client. Whoever serves vault.ochk.io's JavaScript can ship a build that leaks plaintext, which is why the SDK, not the web client, is the authoritative implementation.
Your wallet derives your device key locally. OC never sees the wallet, has no recovery backdoor, cannot leak what it does not hold.
OC holds ciphertext only. No "master password KDF stops us" story — there is no master password. The math is the policy.
Every entry is a portable .lock envelope. Export anytime. If vault.ochk.io disappears, @orangecheck/lock-core from npm decrypts your backups forever.
Read the underlying protocol design at oc-lock-protocol/WHY.md — OC Vault is the consumer-facing productization of Flow 4 (self-vault) from that spec.
the four objections we hear most. addressed up front.
- do I need a bitcoin wallet to use this?
- For full sovereignty, yes — any BIP-322-capable wallet works (Sparrow, Xverse, Leather, UniSat, Alby, OKX, Phantom). For the easy on-ramp, no — sign in with email + a one-time code; the federation provisions a wallet for you in your browser, and you can graduate to your own wallet later without losing any data.
- what if vault.ochk.io disappears tomorrow?
- Your local copy keeps working. Every entry is an AES-256-GCM ciphertext sealed under a vault key your browser holds. Download the portable .lock export at any time; @orangecheck/lock-core from npm decrypts it forever, with or without vault.ochk.io existing.
- can OC read my entries?
- No. We hold ciphertext only. The vault key is unwrapped by your wallet signature, in your browser; cloud-sync blobs are double-encrypted so we don't even see entry names or types, just random envelope ids and timestamps (plus, unavoidably, blob sizes and when you sync). Full database access recovers ciphertext that requires your wallet to decrypt.
- how is this different from just using LastPass or 1Password?
- Those vaults are protected by a master password: the vault key is stretched from it with a KDF in the client, and the server keeps a verifier derived from it. A breach of the vendor's database, like LastPass in 2022, hands an attacker the encrypted vault plus everything needed to brute-force weak master passwords offline, with no rate limit and no lockout (1Password's Secret Key mixes 128 random bits into that derivation, which takes offline guessing off the table). OC Vault has no master password and no vendor account; the cryptographic contract is the product contract.
> More questions on /pricing — and the underlying protocol design is at oc-lock-protocol.
the protocol is open. the SDK is on npm. the family survives this product.
vault.ochk.io is one consumer of oc-lock-protocol — the same envelope spec powers every other family product. If vault.ochk.io disappears, the protocol and the SDK stay. Your data decrypts with code anyone can audit, host, and fork.
one open protocol. three open packages.
OC Vault is the commercial product. The protocol it implements and the SDK it depends on are MIT-licensed and reusable. Re-implement the SPEC in any language — the test vectors are the ground truth. The web client is a convenience over the SDK, never the authoritative implementation.
- oc-lock-protocol ↗normative spec for the .lock envelope · Flow 4 (self-vault)
- @orangecheck/lock-core ↗seal(), unseal(), canonical envelope, BIP-322 binding
- @orangecheck/lock-crypto ↗x25519 ECDH + chacha20-poly1305 AEAD primitives
- @orangecheck/lock-device ↗wallet-derived device key, device record management
- lock.ochk.io ↗reference web client for the broader OC Lock protocol (Flows 1-3)
bitcoin-bound.
ciphertext-only.
yours by construction.
Free forever locally. Cloud sync is 7,000 sats / month or 70,000 sats / year, per OrangeCheck identity. Prepaid over Lightning. No fiat, no card, no auto-renew, no account.