VaultSort Logo
VaultSort
HomeChangelogv4.0.0

VaultSort 4.0.0

encryptionSecurityyubikeystorageorganization

Hardware-bound encryption with YubiKey and Touch ID, real-time progress, AI Storage Advisor, and a completely overhauled Key Settings experience.

What's New

  • V4 hardware-bound encryption — encryption keys are now derived from your YubiKey or Touch ID using WebAuthn PRF (HMAC-SHA-256 via hmac-secret). The key never leaves your hardware. Files encrypted in V4 cannot be opened without physical possession of your registered key.
  • Touch ID encryption — register your Mac's Secure Enclave as an encryption key. No hardware token required. A browser tab opens briefly to complete the WebAuthn ceremony, then closes.
  • Primary / Backup key designation — with multiple keys registered, you can now designate which key encrypts new files. All other active keys are labeled Backup. The Key Settings panel shows a star action to change your primary at any time.
  • Ceremony clarity — the status window and browser tab now headline the name of the specific key being requested, along with a Primary or Backup role chip, so you always know which physical key to reach for.
  • Backup key warning — VaultSort now warns you when an encrypted file has no backup key or recovery code, before it's too late.
  • Real-time encrypt / decrypt progress — live phase labels (compressing, encrypting, verifying, extracting) with a progress bar throughout the full operation.
  • In-app Encryption Knowledge Base — a searchable help panel covering V4 concepts, backwards compatibility, archive vs. delete, key management, and a glossary of terms like HMAC and PRF.
  • V4 / V3 format chips — each registered key now shows whether it supports V4 encryption or is limited to reading V3 files.
  • AI Storage Advisor — structured recommendations with action cards, powered by your actual storage breakdown.
  • Duplicate file scanning — per-folder progressive scanning surfaces duplicate files in Storage Overview with a dedicated insight card.
  • Interactive treemap — replace the pie chart with a zoomable treemap and breadcrumb navigation in Storage Explorer. Donut chart also available as an alternative view.
  • Operation history — encrypt, decrypt, and disk operations now log a completion record with timestamps.
  • Directories category — Advanced Organization now includes a Directories file category (Phase 1).
  • Cinematic startup intro — 3D logo animation with sound on first launch.
  • 3D YubiKey model — the Key Settings modal now features an interactive 3D key; the full status row is clickable to open settings.

Bug Fixes

  • Incompatible keys (U2F-only, YubiKey 4) are now blocked at registration with plain-language messaging — they can no longer be silently saved and fail later at encryption time.
  • PRF support is verified with a real assertion during registration, not just the unreliable prf.enabled create-time claim.
  • Disk-full conditions during encryption now show a user-friendly notification instead of a raw ENOSPC error.
  • Released the encrypted container after each operation, fixing decryption failures on low-disk systems.
  • Fixed misleading "Decryption complete" phase label appearing during post-decrypt steps.
  • Corrected false V3→V4 auto-upgrade claims throughout the knowledge base and UI copy.
  • Corrected multi-key Alert that falsely claimed all active keys can decrypt new files.
  • Fixed PRF-failure messages to name the browser (Safari / Firefox may not support PRF extensions) rather than blaming the key.

Stay Updated with VaultSort

Get the latest updates, security tips, and feature announcements delivered to your inbox.

🔒We respect your privacy. Unsubscribe at any time.