The personal vault your budget deserves.
Keepr is a secure, collaborative personal finance tool designed for couples and families. Because your budget details are your business, your data is encrypted directly on your device. We store only unreadable codeโmeaning even our backend server cannot see your transaction logs.
Meet the Vault Keeper
Like a loyal guard cat curled on top of a steel vault, Keepr keeps your budget impenetrable so you can focus on financial wellness.
On-Device Cryptography
We use standard AES-256 GCM to secure your budget database files at rest, isolated using your hardware-backed Android Keystore keys.
Collaborative Keys
Invite contributors securely via automated public key handshakes ($RSA-4096$) without intermediate server authority.
Offline-First Design
Add and edit transactions seamlessly while offline. Updates are queued locally and synchronized automatically when network channels reopen.
Keepr Alpha Testing Walkthrough
Welcome, family and early alpha-testers! Because Keepr is a privacy-first, zero-knowledge budgeting platform, it runs a little differently than normal apps. Here is everything you need to know.
What is Zero-Knowledge?
In typical applications, if you lose your password, the developer resets it because they have access to the master server database files. With Keepr, we can't do that. Before leaving your device, your financial logs are converted to unreadable strings. If we are hacked, your data is completely safe, as we don't hold your private recovery keys.
Write Down Your BIP-39 Seed Phrase
When you first create a collaborative budget, Keepr generates a standard 12-word mnemonic seed phrase. This phrase is used on-device to derive your Master Recovery RSA Private Key ($K_{recovery\_private}$).
Write this down on paper and hide it! If you uninstall the app or lose your phone, entering these 12 words is the only mathematically viable way to decrypt your cloud backup envelopes.
Collaborating: Secure Key Handshakes
Want to share a budget with your partner? Since there is no "middleman" server to distribute keys, Keepr executes a secure peer-to-peer asymmetric handshake:
- You select "Invite Contributor" and show your screen.
- Your partner scans your generated QR Code, which securely uploads their new device's Public RSA Key to our Ktor backend.
- Your app downloads their Public Key, encrypts the active budget's Symmetric database key ($K_{budget}$) with it, and pushes the secure envelope back.
- Your partner's device decrypts the envelope using their hardware-isolated Private Key. You are now collaborating securely!
Privacy Policy
Effective Date: June 4, 2026
At Keepr, we take the confidentiality of your financial logs seriously. Our service is designed to ensure maximum isolation of your data using client-side zero-knowledge encryption models.
1. Information Collection
A. Locally-Encrypted Data: Financial transaction amounts, merchant lists, store autocomplete maps, and budget names are encrypted at the client level before transport. We do not collect or possess plaintext views of this data.
B. User Metadata: We collect your Google Profile Email address and User ID (UID) solely for authorization checks and subscription status lookups.
2. Device Partitioning & Storage Security
Keepr is engineered to support secure multi-user partitioning on single physical devices. Database files (`app_database_user_${uid}.db`) are cryptographically isolated utilizing 256-bit passphrase keys generated inside the hardware-backed Android Keystore via SQLCipher. Data remains locked until authenticated by your validated Google credential manager session.
3. Third-Party Payments
All subscription transactions, checkout events, and entitlement purchases are securely processed entirely through the Google Play Billing Library. Keepr does not hold, parse, or process credit card, banking, or direct payment configurations.
Terms of Service
Effective Date: June 4, 2026
Welcome to Keepr. By initializing our zero-knowledge personal finance services, you agree to comply with and be bound by these legal terms.
1. Cryptographic Isolation Liability
You acknowledge that Keepr is built on a client-side encrypted model. The developer holds zero recovery private keys or backdoors. If you lose your 12-word recovery seed phrase and uninstall the Keepr software, the developer possesses no mathematical way to retrieve, restore, or reconstruct your encrypted budget logs.
2. Fair Usage Policy
We reserve the right to limit account metadata routing features for users violating local platform protocols. Users are responsible for maintaining the privacy and security of their individual device access parameters.
3. Entitlements and Billing
Subscription management, subscription upgrades (such as `feature_base_sync`), billing issues, and refund reviews are entirely governed by the policy regulations of Google Play.