Your Keys. Your Vault.
No Central Server.
NodeZero replaces LastPass with hardware-backed encryption, DID-based identity, encrypted email for Gmail, a multi-chain HD wallet, and a zero-knowledge architecture. No master password. No breach target. No usage tracking — not even by us.
Open source · No account required · AGPL-3.0 · Contact us
Beta — NodeZero is under active development and has not yet undergone a formal third-party security audit. Keep your 12-word recovery phrase safe and exercise caution with high-value credentials.
Everything you need, nothing you don't
Core security is never paywalled. Hardware keys, local encryption, and MFA are free for everyone.
Hardware-Backed Encryption
Your vault key is derived from a hardware security key or biometric. No master password to crack, ever.
DID-Based Identity
Your cryptographic identity is self-sovereign, portable, and free from any central authority.
Field-Level Encryption
Every field is encrypted individually with unique random keys. No single-blob vault.
Google Drive Sync
Your encrypted vault syncs across devices via your own Google Drive. Merge-before-upload conflict resolution prevents data loss. No central server — you own the storage.
One-Click Import
Migrate from LastPass, 1Password, Bitwarden, or Chrome in seconds with drag-and-drop CSV import. Duplicate detection built in.
Encrypted Email for Gmail
End-to-end encrypted email inside Gmail. Right-click to encrypt for any recipient. Auto-decrypt on read. No PGP, no key servers.
Biometric & Passkey Unlock
Unlock with Windows Hello, Touch ID, or a hardware security key. No master password. Your face, fingerprint, or YubiKey is the key.
Multi-Chain HD Wallet & Swap
Built-in EVM and Bitcoin wallet derived from your recovery phrase. Send, receive, and swap tokens on Base via Uniswap v4 — all without leaving the extension.
Delegation & Secure Sharing
Share credentials with trusted contacts via time-limited, revocable Delegation VCs. X25519 key wrapping ensures only the delegate can decrypt.
Security Audit Report
Automatic detection of weak, reused, and aging passwords. Composite security score from 0 to 100 with actionable insights.
Side Panel & Dashboard
Open NodeZero as a Chrome side panel for a persistent view. A dashboard landing page shows your security score, vault stats, and wallet balances at a glance.
Lightweight & Fast
A browser extension under 3 MB. No desktop app needed. No account required. Install and go.
Built for how you actually browse
Right-click to fill. Import in seconds. Sync across every device. No desktop app required.
Setup in under a minute
Install the extension, register your passkey with Windows Hello or a hardware key, and write down your 12-word recovery phrase. No email. No phone number. No account creation.
- Hardware-backed encryption via passkey
- 12-word recovery phrase you control
- Works with YubiKey, Windows Hello, or Touch ID
Welcome to NodeZero
A decentralized password manager. Your vault is encrypted and synced via Google Drive — only you hold the keys.
Right-click. Done.
No intrusive popups. No auto-fill surprises. Right-click any login form to fill credentials, generate a strong password, or save a new login. You're always in control.
- Context-menu autofill — no DOM injection
- One-click strong password generation
- Password strength meter built in
Switch in seconds
Export your passwords from Chrome, LastPass, 1Password, or Bitwarden as CSV. Drag and drop into NodeZero. Every entry is encrypted individually with unique random keys.
- Import from 4 major password managers
- Each entry encrypted with a unique key
- CSV is never uploaded — parsed locally in your browser
Import Credentials
Where are you importing from?
Go to chrome://settings/passwords → click ⋮ → Export passwords → Save CSV.
Aglo+rIkeKAlAJYUULeJClz0z8Dq
Encrypted email inside Gmail
Right-click in any Gmail compose window to encrypt your message for all recipients. NodeZero uses X25519 ECDH with ephemeral keys for forward secrecy. The server never sees email addresses or content — only opaque SHA-256 hashes mapped to public keys.
- Multi-recipient encryption (To + CC + BCC)
- Auto-decrypt with optional Gmail permission
- No PGP, no key servers — uses your existing DID identity
Opt-in by design: Each user must explicitly link their email via right-click → NodeZero → Link this email to my identity before others can encrypt messages to them. No automatic enrollment — your anonymity is preserved until you choose to participate.
Built different from the ground up
Traditional password managers store your vault on their servers and protect it with a master password — a single point of failure. NodeZero eliminates both.
Your vault is encrypted locally before it ever leaves your browser. Each field gets its own AES-256-GCM encryption with a unique random nonce — not a single blob. Your DID key never touches a server. There's no central database to breach, no master password to crack, and no recovery backdoor for attackers to exploit.
NodeZero also adds end-to-end encrypted email inside Gmail — the server never sees your addresses or content, only opaque hashes and ciphertext. Vault sync goes through your own Google Drive — no central server stores your data, and we have no way to track your usage.
Your recovery phrase doubles as a multi-chain HD wallet — Ethereum, Base, Polygon, Arbitrum, BSC, and Bitcoin (SegWit + Taproot). A built-in security audit scores your vault for weak, reused, and aging passwords. Share credentials safely via time-limited Delegation VCs that the recipient can't forward.
Read the source on GitHubZero-knowledge sync, zero central servers
Your vault syncs via your own Google Drive. NodeZero encrypts everything locally before upload — Google stores only ciphertext it cannot read.
Encrypt Locally
Every vault entry is encrypted individually with unique random keys derived from your hardware-backed secret. The encryption happens entirely in your browser before any data leaves your device.
Your Google Drive
The encrypted vault file is stored in your own Google Drive — not on our servers. You control the storage. You can revoke access anytime from your Google account settings.
Smart Merge
When syncing across devices, NodeZero performs merge-before-upload with per-entry conflict resolution. Ed25519 signatures detect tampering before decryption. No data loss. No silent overwrites.
No central server. No usage tracking. NodeZero never sees your vault data. Google Drive stores only encrypted blobs it cannot read. The extension is 100% open source — audit every line yourself.
Three steps to total control
No accounts. No emails. No phone numbers. Just install, secure, and browse.
Install & Setup
Install the Chrome extension. Register your passkey or set a vault PIN. Takes under a minute.
Secure Your Vault
A recovery phrase is generated for you. Verify three words. Your vault is sealed with hardware-grade encryption.
Browse with Control
Right-click to fill, generate, or save credentials. No auto-fill surprises. You're always in control.
See NodeZero in action
From setup to daily use — four short videos covering the why, the how, the what, and everything new.
Your Keys. Your Vault.
See the core philosophy behind NodeZero — decentralized credentials with zero central servers.
Cryptography of Trust Explained
Deep dive into DID-based identity, field-level encryption, and hardware-backed key derivation.
Your Keys, Your Vault — Use Cases
Real-world scenarios: importing passwords, cross-device sync, and mnemonic recovery.
What's New in NodeZero
Encrypted email for Gmail, biometric unlock, vault backup, points budget, and all the latest enhancements.
100% free. No catch.
Every feature is free, forever. No premium tier, no subscriptions, no paywalls.
Free
ALL FEATURESEverything included. No premium tier, no subscriptions, no paywalls. Every feature is free, forever.
- Unlimited passwords & notes
- Hardware-backed & biometric unlock
- Recovery phrase backup
- Cross-device sync via Google Drive
- CSV import (4 formats)
- Encrypted email for Gmail
- Multi-chain HD wallet (EVM + Bitcoin)
- In-extension token swap (Uniswap v4)
- Security audit report
- Side panel mode & dashboard
- Context menu actions
- Auto-lock (10 min idle)
- Vault backup to encrypted file
- Delegation & secure sharing
- Encrypted file attachments Soon
Donate
SUPPORTNodeZero is free and open source. If you find it useful, consider donating to support continued development.
- Keep NodeZero free for everyone
- Fund new features and improvements
- Support an independent developer
- No perks or gating — just gratitude
No features are paywalled. NodeZero is sustained by donations, not subscriptions.
Transparency is not optional
Every line of encryption code, every sync protocol, every key derivation function — auditable by anyone. Security through transparency, not obscurity.
Install for ChromeReady to own your credentials?
Install in under a minute. Import your passwords. No account, no email, no tracking. Your keys. Your vault. Your rules.