How secure is considered Cryptomator in case of rooted or hacked iOS device?

How secure is cryptomator password stored in iOS device in case the device is hacked e.g. by using a zero day exploit or jailbroken when the master password is entered and the fingerprint unlocking is enabled? What about the data stored in cryptomator? Does it store the master key on the device keychain or uses the secure enclave to encrypt it? I’m asking in the light the Google’s Project Zero reports about the iOS Security Vulnerabilities.

We have to do some research to be certain.

All I can say right now is: If secrets stored by the OS are exposed, then the vault’s password and thus the masterkey and all its data is too.

@tobihagemann Will give some more details on how the password is stored exactly if you opt in for Touch ID.