Introducing Vault: end-to-end encrypted storage, built into your pod

Pro users can now enable Vault, a zero-knowledge encrypted layer inside their Solid pod. Your files are encrypted in the browser before they ever leave your device. We cannot read them. No one can, except you.

Most cloud storage services claim to protect your data with encryption. What they usually mean is that your data is encrypted at rest on their servers, and they hold the keys. That is not end-to-end encryption. It means they can read your files whenever they choose, and so can anyone who gets access to their infrastructure.

Vault is different. Encryption and decryption happen entirely in your browser, using the Web Crypto API. Your passphrase never leaves your device. The server never sees your keys. We host the encrypted blobs, but we have no way to read what is inside them.

How it works

When you set up Vault on your Account page, a random 256-bit vault key is generated in your browser. Your passphrase is stretched into a wrapping key with PBKDF2 at 600,000 iterations, and that wrapping key encrypts (wraps) the vault key using AES-KW. The wrapped keystore is saved to your pod at /vault/.keystore. You own it. It lives in your pod, not in a separate database we control.

Each file is encrypted with AES-256-GCM with a unique 12-byte random nonce. Per-app encryption keys are derived from your vault key using HKDF, so every app that integrates with Vault gets its own isolated key. You use one passphrase for all your apps, but no two apps can decrypt each other’s data, even if one were compromised.
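The key hierarchy described above, sketched with the Web Crypto API. This is an added example, not code from the Vault SDK; the function names, the 16-byte salt, SHA-256, the HKDF salt/info layout and the nonce-before-ciphertext blob format are assumptions the page does not specify.

```javascript
// Added example, not Vault SDK code. Salt sizes, SHA-256 and the HKDF salt/info
// layout are assumptions; the page does not specify them.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto; // browser or older Node
const enc = new TextEncoder();

// Passphrase -> AES-KW wrapping key via PBKDF2 at 600,000 iterations.
async function deriveWrappingKey(passphrase, salt) {
  const base = await wc.subtle.importKey("raw", enc.encode(passphrase), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey({ name: "PBKDF2", hash: "SHA-256", salt, iterations: 600000 },
    base, { name: "AES-KW", length: 256 }, false, ["wrapKey", "unwrapKey"]);
}

// Setup: random 256-bit vault key, wrapped with AES-KW. WebCrypto wraps only
// extractable keys and HKDF keys never are, so the bytes travel as an AES key.
async function createKeystore(passphrase) {
  const salt = wc.getRandomValues(new Uint8Array(16));
  const vaultKey = await wc.subtle.generateKey({ name: "AES-GCM", length: 256 }, true, ["encrypt"]);
  const kek = await deriveWrappingKey(passphrase, salt);
  const wrapped = new Uint8Array(await wc.subtle.wrapKey("raw", vaultKey, kek, "AES-KW"));
  return { salt, wrapped }; // the material a keystore file has to hold
}

// Unlock: unwrap straight into a non-extractable HKDF key. AES-KW carries an
// integrity check, so a wrong passphrase rejects instead of yielding a garbage key.
async function unlock(passphrase, { salt, wrapped }) {
  const kek = await deriveWrappingKey(passphrase, salt);
  return wc.subtle.unwrapKey("raw", wrapped, kek, "AES-KW", "HKDF", false, ["deriveKey"]);
}

// Per-app isolation: the app identifier is the HKDF info, so each app gets its own key.
function appKey(vaultKey, appId) {
  return wc.subtle.deriveKey(
    { name: "HKDF", hash: "SHA-256", salt: new Uint8Array(32), info: enc.encode(appId) },
    vaultKey, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// AES-256-GCM with a fresh 12-byte nonce per file; the nonce is stored before the ciphertext.
async function encryptFile(key, plaintext) {
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = new Uint8Array(await wc.subtle.encrypt({ name: "AES-GCM", iv }, key, plaintext));
  const blob = new Uint8Array(12 + ct.length);
  blob.set(iv); blob.set(ct, 12);
  return blob;
}

function decryptFile(key, blob) {
  return wc.subtle.decrypt({ name: "AES-GCM", iv: blob.subarray(0, 12) }, key, blob.subarray(12));
}
```

Decrypting one app's blob with another app's derived key fails the GCM tag check, which is the isolation property the paragraph above describes.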

A one-time recovery code is generated at setup and displayed once. If you forget your passphrase, you can use the recovery code on your Account page to re-wrap the vault key with a new passphrase. Your files are never at risk from a forgotten passphrase as long as you have the recovery code.

What gets encrypted

Any app that uses the Vault SDK stores its files in your vault automatically. File contents are encrypted. Filenames are stored only in an encrypted manifest inside the vault. From the outside, vault storage looks like a directory of opaque blobs with UUID names.

Apps that do not use the Vault SDK continue to work exactly as before, storing data as regular Solid pod resources. Vault is additive, not a replacement for the underlying pod.

Free plan users

Vault setup requires a Pro plan, because the provisioning and passphrase setup UI lives in your account dashboard. However, apps built with the Vault SDK work in plaintext mode for Free plan users. The API is identical either way. Developers write one code path; the SDK switches between encrypted and plaintext automatically based on whether a vault keystore exists in the pod.

Passphrase-free access with delegation

Entering a passphrase every session is secure, but it can feel like friction. Vault 0.2.0 adds delegation: an app can generate an ECDH key pair, publish its public key to your pod, and ask you to approve it once on your Account page. You enter your passphrase once — the Account page derives the app’s namespace key and wraps it for the app’s public key using ECDH + AES-KW. After that, the app can open your vault silently on every visit without ever seeing your passphrase. The private key never leaves the browser that generated it.
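The delegation exchange described above, with both sides shown. This is an added example, not code from the Vault SDK; the P-256 curve, the ephemeral key pair on the Account page side, the grant object layout and all function names are assumptions, since the page states only "ECDH + AES-KW".

```javascript
// Added example, not Vault SDK code. P-256, the ephemeral grantor key and the
// grant object layout are assumptions; the page only states "ECDH + AES-KW".
const wc = globalThis.crypto ?? require("node:crypto").webcrypto; // browser or older Node
const ECDH = { name: "ECDH", namedCurve: "P-256" };

// App side: key pair with a non-extractable private key; only the public half is published.
async function appRequestAccess() {
  const pair = await wc.subtle.generateKey(ECDH, false, ["deriveKey"]);
  const publicJwk = await wc.subtle.exportKey("jwk", pair.publicKey);
  return { privateKey: pair.privateKey, publicJwk };
}

// Both sides turn (own private key, peer public key) into the same AES-KW key.
async function sharedKek(privateKey, peerPublicJwk) {
  const peer = await wc.subtle.importKey("jwk", peerPublicJwk, ECDH, false, []);
  return wc.subtle.deriveKey({ name: "ECDH", public: peer }, privateKey,
    { name: "AES-KW", length: 256 }, false, ["wrapKey", "unwrapKey"]);
}

// Account page: after the passphrase unlock, wrap the app's namespace key for its public key.
// namespaceKey must be extractable here, because wrapKey has to read its bytes.
async function approve(namespaceKey, appPublicJwk) {
  const eph = await wc.subtle.generateKey(ECDH, false, ["deriveKey"]);
  const kek = await sharedKek(eph.privateKey, appPublicJwk);
  const wrapped = new Uint8Array(await wc.subtle.wrapKey("raw", namespaceKey, kek, "AES-KW"));
  return { ephemeralJwk: await wc.subtle.exportKey("jwk", eph.publicKey), wrapped };
}

// App side, later visits: no passphrase, just the stored private key and the grant.
async function openWithGrant(privateKey, grant) {
  const kek = await sharedKek(privateKey, grant.ephemeralJwk);
  return wc.subtle.unwrapKey("raw", grant.wrapped, kek, "AES-KW",
    "AES-GCM", false, ["encrypt", "decrypt"]);
}
```

A grant wrapped for one app instance does not unwrap under another instance's private key, because AES-KW rejects the mismatched key.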

You can see all apps that have requested access, approve them, and revoke any grant at any time from the App access grants section of your Vault card on the Account page. Revoking a grant immediately prevents that app instance from opening your vault, even if the device is lost.

For developers

The @privatedatapod/vault-sdk npm package (v0.2.0) is open source and available today. It works with any Solid pod server. Documentation is at the Developer Center, including a full API reference, delegation guide, React integration patterns, and an AI agent prompt you can paste into Copilot or Cursor to get started immediately.

Getting started

If you are on a Pro plan, open your Account page and look for the Vault section. Setup takes about 30 seconds. After that, any Vault-enabled app will either prompt for your passphrase (classic mode) or ask you to approve it once via delegation, then open silently on every future visit.

If you are on the Free plan, upgrading to Pro adds Vault alongside the larger storage quota and daily backups.

Full self-service account deletion — with a 30-day safety net

You can now delete your own account directly from your pod dashboard, without contacting support. We’ve included a 30-day grace period so you can change your mind, and we capture why you’re leaving so we can keep improving the product.

Data ownership means owning the decision to leave, too. We’ve shipped a Danger Zone section in the Advanced tab of your pod dashboard. Clicking Delete my account opens a three-step flow:

  • Step 1 — Choose a reason (we use this to improve the product, never to market to you).
  • Step 2 — Optionally tell us more in your own words.
  • Step 3 — Review the consequences, confirm, and submit.

After confirming, your account enters a 30-day pending deletion window. During that time you can contact support to reverse the decision. After 30 days your pod data is permanently removed. Pro subscribers have their Stripe subscription cancelled with cancel_at_period_end so you keep access until the end of your billing period.

We also added a pod data export before we removed the in-dashboard delete button — so whatever you decide, you can always take your data with you first.

Pod Drive and Pod Resume are live

Two first-party apps now connect to your pod out of the box — a personal cloud drive and a professional resume builder. Both store all their data in your pod, not in the app.

Pod Drive

Pod Drive is a file manager backed entirely by your pod at yourname.privatedatapod.com. Upload, organise, and access files from any browser on any device. Because the files live in your pod, they’re accessible to any other Solid app with your permission — no more file import/export between tools.

Pod Resume

Pod Resume lets you build a professional resume that lives in your pod. Export as PDF, share a link, or make sections selectively public — all without surrendering your career history to a third-party platform that might gate-keep it, change pricing, or disappear.

Both apps are free to use with any pod plan.

Developer Center: build and host your own Solid apps

The Developer Center is open. Build apps on Solid, deploy them to yourapp.apps.privatedatapod.com, and let users connect their pods — no AWS account or infrastructure experience needed.

We built the Developer Center because the Solid ecosystem needs more apps. The standard is powerful — but building and hosting an app from scratch still involves too many steps for most developers. Developer Center removes the infrastructure friction:

  • Download a starter template (React + Solid auth, pre-wired)
  • Build your app locally
  • Upload a ZIP to deploy to a global CDN with HTTPS included

Free pod users can host 1 app. Pro users get 5. We provide the hosting at yourapp.apps.privatedatapod.com — you own the app and all user data stays in each user’s own pod.

Why we built on Solid instead of building our own protocol

The hardest question we faced early on: should we build a proprietary storage backend that we control, or bet on an open standard that others also implement? We chose Solid. Here’s why.

There are two ways to build a “personal data vault” service. The first is to create a proprietary system optimised for your use case — you control the format, the API, the roadmap. The second is to implement an open standard that others are also building towards. The first gives you more short-term control. The second gives your users something much more valuable: genuine data portability.

We chose Solid — the W3C standard created by Tim Berners-Lee — because we wanted to mean it when we said “you own your data.” With a proprietary system, locking you in is a business option we could exercise at any time. With Solid, we can’t: if we tried to lock you in, you could self-host or move to another provider, and every app you use would keep working.

That constraint is intentional. It forces us to compete on service quality, not switching costs. We think that’s how it should work.

Private Data Pod is live — welcome

We launched. If you’re reading this, you’ve found a service that thinks the current model of cloud storage — your data as someone else’s product — is broken. So did we.

Every major cloud storage provider today — Google Drive, Dropbox, iCloud, OneDrive — operates on the same underlying premise: your files live on their infrastructure, under their terms, accessible to their systems. You get convenience. They get your data.

We think that trade-off is bad for users in the long run. Data locked to a platform can’t easily move. Data subject to a vendor’s terms can be analysed, mined, or restricted. Data on a proprietary system can only work with apps that provider approves.

Private Data Pod is a hosted Solid pod service. Your pod is hosted on our servers, but it follows the Solid open standard — which means you can move it, self-host it, or use any Solid-compatible app with it. The standard, not us, defines what your pod can do.

Free tier is 1 GB. Pro is $9.99/month for 10 GB with daily backups. No credit card required to start.
