Overview
The SCSA Vault desktop app — hardware-bound file sealing.
What SCSA Vault does
SCSA Vault seals files to the silicon of a specific machine — its CPU, GPU, or both. A sealed file is cryptographically useless anywhere else: copied to another laptop, a USB stick, or a cloud bucket, it decrypts to nothing without the exact hardware it was bound to.
There is no key file to copy, phish, or subpoena. The decryption capability is derived from a live measurement of the hardware at the moment you open the file.
Sealing a file
Drag, drop, and seal. Optional passphrase as a second factor on top of the hardware binding.
Hardware binding
Keys derive from CPU confidential-compute measurements, TPM2, or GPU attestation — not from a stored secret.
FAQ
Recovery, portability, and what happens if hardware changes.
Install
Download the latest build for your platform:
- macOS (Apple Silicon) — SCSA.Vault_0.2.8_aarch64.dmg
- macOS (Intel) — SCSA.Vault_0.2.8_x64.dmg
- Windows — SCSA.Vault_0.2.8_x64-setup.exe
All builds are signed and auto-update against their published signatures. See the Releases page for every platform, including the Linux binary.