ZeroNorth: Secret Encryption Vault Generator (1-of-1)

A tool that generates unique, offline, encrypted vaults that only their creator can decrypt. No cloud, no backup server, no duplicates. Your own private encryption universe.

Comment 7

Inspiration

Zero North was inspired by the way my friends and I used to share private messages with each other growing up. Back then we relied on Base64 to keep things secret. As I got older and more embedded into the emerging tech layer, I started wondering:

What would it look like to create encrypted environments that ONLY the recipient could ever possess? True, one-of-one artifacts that couldn't be reproduced without the originals, couldn't be spoofed, and couldn't be cross-decrypted?

When I heard about the Bolt Hackathon, I wondered how far I could take that encryption layer with prompt engineering and it turns out pretty far! To make my project unique, I use node's crypto module to derive a per-instance AES-256 key at runtime using something I call the entropy seed. The seed's hash is recorded in vaultproof.json along with the metadata and logic fingerprint, but the key itself is never exposed. It's inspired by blockchain genesis events, but applied to encryption instead of consensus.

I have several peers in web3, crypto, etc. and I began to visualize time (entropy) as a blockchain analogue, leading to the entropy seed injection model; which guarantees that not only are your messages encrypted, you fully own the encryption universe your vault operates in. No one else can reproduce or derive its internal logic!

Zero North is now patent pending technology.

What it does

For non crypto people, Zero North Vault is a secret encryption tool.

For judges and cryptographers, Zero North Vault is a 1-of-1 unique cryptographic encryption environment that functions like an actual digital artifact, your own personal encryption language.

My full-stack product UX takes consumers and judges through a quick onboarding, along with an "education section" about your secret passwords and information, and then calls my backend API.

My backend API is a digital machine droplet that upon fetch generates a cryptographically unique AES encryption environment, wraps it in a .zip, serves it to the user, and then deletes the backup. This allows users full control of their sensitive information, passwords, or financial data; which they can encrypt within their own personal cipher environment.

How I built it

Zero North Vault was built with a combination of Bolt.new, React, Node.js, Electron, and prompt engineering with artificial intelligence. The frontend was created on Bolt, a simple UX demo for the competition where I demoed users (falsely) inputting their secret words and then downloading their unique vaults. The backend runs on a hardened DigitalOcean droplet, where a Node.js API handles vault generation requests.

The judges never even called my API.

Each vault spin-up injects a seed into the runtime logic to produce unique keys and proof artifacts. Using Electron Builder, my server dynamically generates a fully offline Windows .zip containing the personalized encryption environment. Vaultproof files including vault-seed.txt, vault-genesis.txt, and vaultproof.json are packaged within the API fetch.

Server hardening was implemented by enforcing SSH key-only logins, disabling root access, configuring DigitalOcean’s firewall, setting up fail2ban for brute-force protection, and managing the Node process with PM2 for stability. My next hardening step would be fixing up iptables.

All vault artifacts are ephemeral: they’re deleted after delivery to the user and wiped semi-regularly with a cron command.

Challenges I ran into

Key challenges to overcome included:

  • Understanding what I was building

This project has given me a profound appreciation for encryption and cryptography, and now I'm even formally pursuing an education and career in the field. I read multiple 'Intro to Cryptography' books and have connected with the authors on LinkedIn (Thanks, Panos Louridas) along with spending hours doing a bunch of other supplementary research. If you're a cryptographer and you're reading this, please understand that if there are terminological errors, I mean no disrespect to the craft. It took me a long time to even understand what I was building, and I'm looking for more formal framing so that I can technically write more clearly; but the application seems to work.

  • LLM hallucinations

At multiple times throughout the project I found my LLM assistants desperately needing a re-established context, because at certain points in the work flow all of my work would be overwritten or logic would be changed in a (seemingly insignificant) way, which would then lead to problems with encryption or the frontend.

  • Network stack

Keeping it real-- I'm a product and systems guy. When I realized that I had to actually secure my backend I had to rebuild the project from scratch, audit my entire build, and do deep research on how to secure it in such a way that it wasn't open to anybody. It gave me a lot of respect for the hard work that network engineers do to protect all of our data.

  • Full-stack solo workload & time pressure

As a one-person team balancing front-end, back-end, cryptographic logic, and UI polish in a 21-day window, I had to manage my energy, debug countless integration issues, and keep the project from derailing.

  • Some other challenges I ran into without going into major details:

Entropy-seed wiring & logic injection, Electron build environment quirks, Verifying novelty & patentability.

Accomplishments that I'm proud of

  1. Actually Shipping the finished demo. I almost gave up at one point, I had a night out with friends and had some drinks and came back and basically wrecked the entire project. The next day, I knew I had to fix everything, and was persistent on getting the vaults to be cryptographically unique. Later that day, I took a nap and had a breakthrough, and the next time I built a vault, it finally worked. Hooking it up to the frontend was EASY in comparison.

  2. Innovating? I can't help but feel like this totally fits the "Why doesn't this exist yet?" category. For all of the work cryptographers do to secure data for institutions, much of that encryption is out reach for regular consumers who don't understand their privacy, most people don't even know what consumer cryptography even looks like. Zero North Vault is a step towards giving some of that power to the people.

What I learned

I learned so much, I will do a video on this (in esports they called this a "war story") after my submission. This Bolt Hackathon gave me so much more hands on experience with prompt engineering, HTTPS, HTML, Github, digital cloud services, product design knowledge, the list goes on and on.

Building this gave me subconscious proficiency with kernel navigation, which (in YouTube videos) is one of the first steps they always teach you in basic coding tutorials. I feel like those suck compared to actually trying to build something and getting hands-on experience with a project in a hackathon like Zero North.

Oh, and of course, my new (significant career interest) in cryptography, emerging technology, and the entire layer of digital architecture helping run the world around us...

What's next for ZeroNorth: Secret Encryption Vault Generator (1-of-1)

Fully working out the details on our patent for Entropy-Seeded Vaulted Execution Systems for Offline Cipher Artifacts and Local Proof-of-Origin.

In my demo video as well, you can see how I would ship Zero North as a product at check outs in places like WalMart or Best Buy. I'd love to secure some funding or a partnership with a secure USB hardware provider, or a company like Ledger, to bring this technology to consumers.

Built With

Share this project:

Updates