AES-256-GCM · Zero Knowledge

Your Apple Watch
protects your data.
Automatically.

Ember encrypts your files on-device with AES-256-GCM. When your Apple Watch detects danger — abnormal vitals, a fall, a panic press — your vault is wiped before anyone can reach it. No backdoors. No plaintext. Zero compromise.

No spam. We'll notify you when Ember launches on the App Store.

iOS · watchOS AES-256-GCM Zero Knowledge
AES-256-GCM
⌚ Watch Sync
scroll
🔓 Data exposed
👁 Being watched

Your phone knows
everything about you.

Photos, messages, documents, passwords — stored in plaintext, waiting for the wrong hands. One unlocked screen. One coerced biometric. One border crossing.

😰
Border searches can access your unlocked phone
Without a warrant in many jurisdictions
😨
Arrest means immediate device seizure
All your data in the hands of authorities
😱
Physical threats can force unlocking
Biometrics can be legally compelled

Meet Ember

The only vault that watches your health and acts before you can be stopped.

What Ember does

Four layers of protection. One seamless experience.

AES-256-GCM

Military-grade encryption applied on-device. The server never sees plaintext — ever.

256-bit keys · Zero knowledge

Watch Trigger

Apple Watch monitors SpO2, HRV, and heart rate. Abnormal readings automatically activate protection.

SpO2 · HRV · Heart Rate

Emergency Wipe

Manual or automatic. All vault data is cryptographically erased. 30-second cancel window.

30s cancel · Cryptographic erase

Recovery Key

12-word recovery phrase. The only way to restore your vault. We can't help if you lose it — by design.

12 words · Offline

How it works

Three moments that protect your privacy

1

Encrypt

Upload files to your vault. Ember encrypts everything locally with AES-256-GCM before touching the network.

2

Monitor

Apple Watch tracks SpO2, HRV, and heart rate. Stress spikes or abnormal readings activate emergency protection.

3

Protect

Emergency triggered. All vault data is cryptographically wiped. Your secrets are gone before anyone can reach them.

Built on real cryptography

Not marketing. Not buzzwords. Actual implementation details.

Security Architecture

🔐
File Encryption
AES-256-GCM via libsodium
📱
Key Storage
iOS Keychain / Secure Enclave
🌐
Transport
TLS 1.3 + end-to-end encryption
🔑
Recovery
12-word recovery phrase · offline
🎫
Authentication
JWT RS256 · 15 min access · 7 d refresh
🛡
Password Hashing
Argon2id (OWASP minimum params)

Our Promises

Server never sees plaintext
Encryption happens on-device, before transmission
No backdoors, ever
We cannot decrypt your data even if legally compelled
Keys stay on your device
Stored in iOS Secure Enclave — never transmitted
Watch-first trigger architecture
Risk scoring runs on Apple Watch — not on our servers
Rate-limited & breach-protected
Brute-force protection, account lockout, Argon2id

Be first to
protect what's yours

Ember is launching soon on the App Store.
Join the waitlist for early access.

No spam. Free to start when it launches.

iOS 16+ · Apple Watch Series 4+ · macOS (desktop agent)