Engineering blog

What we ship, what we cut, what we got wrong.

Crypto deep-dives, post-mortems, design notes. We write when there's something specific to share — not on a schedule.

ARGON2ID · 1 GB
N° 12 · feature
Featured · Mar 14 2026

Why we tuned Argon2id at 1 GB instead of the default 64 MB

The OWASP-recommended default for Argon2id is 64 MB. Our default is 1 GB — 16× higher. The math, the memory budget on a 2018 iPhone, and the GPU-cracking economics behind that choice.

N° 11 · post-mortem

The leak that wasn't: a sync bug we caught in beta

A race condition in delta ordering could have surfaced ciphertext from another user under specific timing. How we found it, what we changed, and why it never reached production.

N° 10 · audit

Reading the Cure53 report — every finding, in plain language

Two medium-severity findings, both about edge cases in our recovery flow. What they were, how we fixed them, and why we made the report public the day we got it.

N° 09 · design

The 17-pixel button: designing AutoFill prompts that don't lie

A native AutoFill UI lives at the intersection of OS chrome and our prompt. We had three iterations before the prompt clearly said "this is Keevo, not the website you're on."

N° 08 · crypto

X25519 sharing: why a public key handshake beats a shared secret

When you share a credential with a teammate, you're solving a small key-exchange problem. We walk through every option we considered and why X25519 + ed25519 won.

N° 07 · v0.9

v0.9 is here: shared vaults, family plan, hardware key recovery

The biggest release since launch. What's new, what changed, and what we cut between RC and ship.

N° 06 · note

Why we wrote the iOS app in Swift, not React Native

A Rust core compiled to a static library, called from native Swift. Native AutoFill, Face ID, and Watch sync APIs aren't worth wrapping. Our build matrix and the trade-offs.
