01
Encryption is the product.
Not a feature, not a checkbox. If we ever ship a feature that compromises the threat model, we delete the feature.
Keevo started in 2024 because every existing password manager was either closed-source, breached, locked to one ecosystem, or all three. We wanted to use something we could read end-to-end.
The first commit landed on March 14 2024 — a 200-line Rust prototype that encrypted a JSON file with XChaCha20 and synced it through a Hetzner VPS. Three of us were building it on weekends. By July, the iOS prototype could unlock with Face ID. By October, the Chrome extension was filling forms. By March 2026, Cure53 had reviewed the cryptography and we shipped the public beta.
Keevo is deliberately small. Five people. One office in Hà Nội. We're funded by paying customers — no VC, no growth-at-all-costs deadline forcing us to ship something we wouldn't trust ourselves.
Not a feature, not a checkbox. If we ever ship a feature that compromises the threat model, we delete the feature.
Anyone can claim "we don't read your data." We publish the source, the audits, the canary. You shouldn't have to trust us — you should be able to check.
Argon2id, XChaCha20, ed25519, Rust. Nothing experimental, nothing "novel." If we ever invent crypto, please file a bug.
Five people means everyone reads every PR that touches crypto. Past 30 we'd lose that — so we don't plan to grow past 30.
Founder · iOS · Rust
Wrote the iOS app and the Rust core. Was a security engineer at a bank before quitting to build this.
Crypto · Sync server
Wrote the sync protocol and the relay server. PhD in applied cryptography (UToronto).
Design · Web vault
Designed the iOS app, the web vault, and this site. Believes a typeface choice should be defendable in writing.
Two more on the bench, one in Berlin and one in Singapore. We'll add them here once they want their faces on the internet.
If you've shipped a meaningful PR to the open repos, you're already in the pile. Otherwise: open a PR, and we'll see you there.