How it works...

  • Per-Record Encrypted Blobs

    Each item (firearm, accessory, ammo) is converted to JSON, encrypted
    with your master key, and uploaded as an encrypted blob. Apple's
    CloudKit stores these blobs but cannot read them.

  • Vector Clock Sync

    Each encrypted blob includes a vector clock that tracks which device
    made the last change. This enables conflict-free replication—when you
    edit the same item on two devices, ArmoryHub automatically merges the
    changes correctly.

  • Incremental Downloads

    Server change tokens track what you've already downloaded. When syncing,
    you only download new or changed encrypted blobs—not your entire
    collection every time.

  • The Result

    Fast, efficient sync that keeps your data encrypted end-to-end. Your
    devices stay in sync, Apple sees only encrypted blobs, and you maintain
    complete privacy.

Different Levels of Security....

  • None!

    No biometrics, no PIN, no encryption. Just open the app and go!

  • Biometrics Only

    Use FaceID or TouchID to unlock the app. Fast and convenient and protects from curious eyes.

  • PIN Protection

    Set a 6-digit PIN to lock the app. Simple and effective.

  • PIN + Encryption

    Your data is encrypted when the app is locked. Same encryption banks use.

    • Data is scrambled when locked
    • Unreadable without your PIN
    • Generate backup QR code

FOR MAXIMUM SECURITY

ENABLE BIOMETRICS, PIN AND ENCRYPTION WITHOUT CLOUD SYNC. ALL DATA STAYS ON YOUR DEVICE AND IS ENCRYPTED AT REST.

WARNING

IF YOU FORGET YOUR PIN AND ENCRYPTION IS ENABLED, YOUR DATA IS LOST FOREVER. THERE ARE NO BACKDOORS OR RECOVERY METHODS. THIS IS KEY TO ZERO KNOWLEDGE ENCRYPTION.

For Technical Users

Encryption: AES-256-GCM (same as banking apps)

Key Derivation: PBKDF2-SHA256 with 310,000 iterations

Key Storage: iOS Keychain with kSecAttrAccessibleWhenUnlockedThisDeviceOnly

Frameworks: Apple CryptoKit and CommonCrypto (no custom crypto)