Why is the masterkey stored in the cloud?


Inside the storage location of a Cryptomator vault, you will find a file called masterkey.cryptomator. This file is stored in the cloud to allow convenient access to a vault on different devices.

What does this file contain?

This file contains encrypted data, which is needed to derive the masterkey from your password. The file does not contain the decrypted masterkey itself. In addition, some metadata about the vault (e.g., the version of Cryptomator used to create it) is also stored in this file.

Is this a security problem?

No. The encrypted key in masterkey.cryptomator is not more sensitive than the encrypted files themselves.

For more details on how this exactly works, take a look at our security architecture.

Masterkey stored in plain text on iCloud Drive
Master-Key in der Cloud?!
Automatically syncing to the cloud