COCRYPT

COCRYPT

Lock any file so that every trusted participant must give their physical approval — via NFC and biometrics — before it can ever be opened.

Coming Soon

How It Works

1

Participants Register

Each participant generates an EC P-256 key pair on their own device and sends their public key to the file owner via NFC — no internet, no servers.

2

File Owner Locks

The owner encrypts any file with AES-256-GCM and splits the encryption key into N pieces using XOR — one piece per participant. Each piece is wrapped with that participant's public key via ECIES. The result is a single .cvl file.

3

All Participants Unlock

To open a .cvl file, every participant must physically tap their phone to an NFC tag and authenticate with their fingerprint or face. Only when all approvals are collected can the file be decrypted.

Features

N-of-N Multi-Party Approval

The encryption key is split across all participants using XOR. Missing even one piece makes decryption mathematically impossible — no majority vote, no workarounds.

NFC Key Exchange

All key material is exchanged by physically tapping phones to an NFC tag. There is no network connection, no Bluetooth pairing, and no cloud relay.

Biometric Authorization

Every participant must authenticate with fingerprint or face recognition before their key piece can be released. The biometric prompt happens before the NFC exchange screen is even shown.

Challenge–Response Protocol

To prevent replay attacks, each unlock session generates a fresh 40-byte challenge with a timestamp. Each participant signs the challenge with ECDSA and the signature is verified before their piece is accepted.

Zero Cloud, Zero Accounts

CoCrypt has no backend. No account registration, no sync service, no remote key storage. Private keys never leave the device — they are stored in the platform's secure enclave (Android Keystore / iOS Keychain).

Works on Any File

Documents, images, archives, videos — anything can be wrapped in a .cvl container and shared through any channel (AirDrop, email, messaging). Sharing the file is safe; opening it is not.

Cryptography

CoCrypt is built entirely on standard, well-audited primitives. There is no proprietary cryptography. The .cvl format is an open binary container — the specification is embedded in the app source.

AES-256-GCM EC P-256 ECIES ECDSA SHA-256 XOR Key Split Android Keystore iOS Keychain

Use Cases

  • Corporate sensitive documents — Require sign-off from all board members or partners before a critical file can be accessed.
  • Family estate planning — Lock a will or asset list so that it can only be opened when all named family members are physically present.
  • Shared secrets between teams — Encrypt deployment credentials, API keys, or recovery codes so that no single person holds the full key.
  • Journalist source protection — Wrap sensitive material so that multiple trusted colleagues must authorise access, reducing single-point-of-compromise risk.
  • Offline high-security environments — Because everything happens peer-to-peer over NFC, CoCrypt works in air-gapped or internet-restricted settings.