Pionen · Secure Vault · v1.0.0
v1.0.0 · Open Source · Android 8+

Military Encrypted Vault.

AES-256-GCM per-file encryption.
Hardware-backed keys. Zero cloud. Zero traces.

  • Encryption: AES-256
  • PBKDF2 Rounds: 100k
  • 2-FA: Bio + PIN
  • Panic Wipe: ~200ms
  • Cloud Backup: 0

Capabilities

Nothing leaves. Nothing leaks.

Every feature engineered around a single principle — your data stays yours, always.

🔐

AES-256-GCM Per-File Encryption

Each file gets its own unique 256-bit key, generated inside the Android Keystore. Keys never leave secure hardware. Streaming encryption means even 4GB files never sit in plaintext RAM.

AES-256-GCM · Android Keystore · StrongBox TEE · Random IV · 128-bit Auth Tag · Crypto-shredding

🔑

Two-Factor Auth

Biometric + mandatory 6-digit PIN. PBKDF2-SHA256 at 100,000 iterations with a 256-bit salt unique per installation.

💣

Panic Wipe

Shake the phone. Every key is destroyed in ~200ms. All files become irrecoverable — permanently and instantly.

🎭

Stealth Mode

Disguise as Calculator, Notes, or System Utilities. Switch icons instantly — the real app stays hidden in plain sight.

🌐

Tor Private Browser

Every browse session routed through Tor. No cookies, no history, no fingerprinting. Starts fresh every time.

📡

Local HTTPS Server

Share vault files to any browser on the same Wi-Fi. Zero cloud. Self-signed HTTPS. QR code pairing.

📷

Direct-to-Vault Camera

Photos and videos captured directly to the encrypted vault. The original never exists in your gallery.

🕵️

Intruder Capture

Silently photographs failed unlock attempts. Stored in vault. They'll never know they were caught.

Security Design

Paranoid by design.

Every architectural decision starts from a threat model. No plaintext on disk. No key outside hardware. No telemetry, anywhere.

  • No disk image cache — Coil configured memory-only. Decrypted frames never touch storage.
  • FLAG_SECURE global — Screenshots, screen recorders, and recent-app thumbnails blocked everywhere.
  • Zero cloud backup — allowBackup=false. All Android extraction rules blocked. No Google Drive sync possible.
  • HTTPS-only networking — Cleartext globally disabled. System CAs only. OS-level enforcement.
  • Zero logcat in release — All logs stripped by R8 + BuildConfig. Zero metadata leaks in prod builds.
  • Auto-lock on background — Vault locks instantly when app leaves foreground. No timeout grace period.
// Encryption Stack

User Auth (Biometric + PIN)
  └─▶ Android Keystore
        TEE / StrongBox
        └─▶ KeyManager
              AES-256, non-extractable
              └─▶ FileEncryptor
                    AES-256-GCM
                    IV: 12 bytes (random)
                    Tag: 128-bit
                    └─▶ *.enc on disk

// Database
SQLCipher
  └─▶ EncryptedSharedPrefs
        AES-256-GCM master key
        └─▶ encrypted metadata only

// Panic Wipe
KeyManager.destroyAllKeys()
  └─▶ Keystore entries: deleted
        Files: irrecoverable
        Time: ~200ms
Hardware Security

Why StrongBox?

Your encryption key never leaves the dedicated security chip — even if the OS is compromised.

                         Software Keystore    TEE (TrustZone)                  StrongBox
Where                    Main CPU, normal OS  Main CPU, isolated secure world  Separate physical chip
Speed                    ~1 ms (fastest)      ~5–15 ms                         ~50–200 ms (slowest)
Security                 Lowest (weak)        High                             Highest (tamper-proof)
Key extractable?         Via root             No (software boundary)           No (physical boundary)
Survives OS compromise?  No                   Partially                        Yes
Tamper detection         None                 None                             Voltage, clock, glitch sensors

Pionen automatically uses StrongBox when available (Pixel 3+, Samsung S10+). Falls back to TEE on older devices. The bulk AES-GCM file encryption still runs on the main CPU — only the key unwrap step touches StrongBox, so real-world file throughput is unaffected.
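
Added example (not Pionen's own code): StrongBox-first key generation with TEE fallback, AES-256-GCM with the 12-byte IV and 128-bit tag from the stack diagram, and crypto-shredding by deleting the Keystore entry. The function names, the one-key-per-alias model and the blob layout are assumptions, and the code handles a whole buffer rather than a stream.

```kotlin
import android.os.Build
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import android.security.keystore.StrongBoxUnavailableException
import java.security.KeyStore
import javax.crypto.Cipher
import javax.crypto.KeyGenerator
import javax.crypto.SecretKey
import javax.crypto.spec.GCMParameterSpec

private const val PROVIDER = "AndroidKeyStore"
private const val IV_LEN = 12     // bytes, as in the stack diagram
private const val TAG_BITS = 128  // GCM authentication tag length

// Hypothetical helper: one non-extractable AES-256 key per file alias.
fun createFileKey(alias: String): SecretKey {
    fun generate(strongBox: Boolean): SecretKey {
        val purposes = KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
        val builder = KeyGenParameterSpec.Builder(alias, purposes)
            .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
            .setKeySize(256)
        if (strongBox) builder.setIsStrongBoxBacked(true) // API 28+
        return KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, PROVIDER)
            .apply { init(builder.build()) }
            .generateKey()
    }
    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.P) return generate(false)
    return try { generate(true) } catch (e: StrongBoxUnavailableException) { generate(false) }
}

// Assumed blob layout: IV (12 bytes) || ciphertext || tag (16 bytes).
fun encrypt(key: SecretKey, plaintext: ByteArray): ByteArray {
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.ENCRYPT_MODE, key) // Keystore picks a fresh random IV
    return cipher.iv + cipher.doFinal(plaintext)
}

fun decrypt(key: SecretKey, blob: ByteArray): ByteArray {
    require(blob.size >= IV_LEN + TAG_BITS / 8) { "truncated blob" }
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.DECRYPT_MODE, key, GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN))
    // Throws AEADBadTagException if the IV, ciphertext or tag was modified.
    return cipher.doFinal(blob, IV_LEN, blob.size - IV_LEN)
}

// Crypto-shredding: with the Keystore entry deleted, the blob stays undecryptable.
fun shredFileKey(alias: String) =
    KeyStore.getInstance(PROVIDER).apply { load(null) }.deleteEntry(alias)
```

Every Cipher call on a Keystore key is executed by the secure hardware, so this direct form suits small buffers.
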
Get Pionen

Start protecting your files today.

Free. Open source. No accounts. No telemetry.
No subscriptions. Just encryption.

Requires Android 8.0 (API 26) or higher · v1.0.0 · MIT License
Quick Start

Up and running in 60 seconds.

No account required. No cloud sync. Everything stays on your device.

STEP 01

Download APK

Grab the latest .apk from GitHub Releases. No Play Store required.

STEP 02

Enable Install

Allow your browser to install unknown apps in Android Settings → Security.

STEP 03

Set PIN + Bio

Create your 6-digit PIN and register your fingerprint. Keys are generated on-device.

STEP 04

Import Files

Add photos, videos, or documents. Each file is encrypted with its own AES-256 key instantly.

Legal Notice & Disclaimers

Export Control

This software includes cryptographic functionality (AES-256-GCM). By downloading or using Pionen, you agree to comply with all applicable export control laws in your jurisdiction. The authors make no representations regarding the legality of this software in any particular country.

No Warranty

Pionen is provided "as is" under the MIT License, without warranty of any kind. The authors are not liable for any damages — including data loss or security incidents — arising from use or inability to use this software.

Security Disclosure

To report a vulnerability, follow the responsible disclosure process in SECURITY.md. Do not publicly disclose issues before they are addressed. We aim to respond within 48 hours of a valid report.