Glossary

What is Plaintext?

Plaintext is data in its original, unencrypted, human-readable form. In cryptography, it refers to the input to an encryption algorithm or the output of a decryption algorithm.

Plaintext is not limited to text — it refers to any unencrypted data, whether that is a password string, binary file contents, or structured data like JSON. The term distinguishes readable, unprotected data from its encrypted counterpart (ciphertext).

The security of any encrypted system depends on minimizing the places and time spans where plaintext exists. Every location where plaintext is present — browser memory, server memory, disk storage, network transit, log files — is a potential attack surface. Secure systems are designed to ensure plaintext exists only where and when it is strictly needed.

A common vulnerability is inadvertent plaintext exposure: logging sensitive data, storing unencrypted backups, or transmitting credentials over unencrypted channels. Security breaches frequently exploit plaintext that was supposed to be temporary but ended up persisting in logs, crash dumps, or message histories.
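
The logging case above, as an added example (not Vaulted's code): a Python `logging` filter that masks the values of sensitive keys before any handler writes the record. The key list, logger name and sample events are constructed for illustration.

```python
import io
import logging
import re

# Keys whose values must never reach a log sink (constructed list; extend per application).
SENSITIVE_KEYS = ("password", "passwd", "secret", "token", "api_key", "authorization")
_KEYS = "|".join(map(re.escape, SENSITIVE_KEYS))

# Matches key=value, key: value and JSON-style "key": "value" pairs for the keys above.
_PAIR = re.compile(
    r"""(["']?\b(?:%s)\b["']?\s*[=:]\s*)("[^"]*"|'[^']*'|[^\s,;&}]+)""" % _KEYS,
    re.IGNORECASE,
)


class RedactPlaintext(logging.Filter):
    """Rewrite each record so sensitive values are masked before it is emitted."""

    def filter(self, record: logging.LogRecord) -> bool:
        # Render msg % args first so secrets passed as arguments are covered too.
        rendered = record.getMessage()
        record.msg = _PAIR.sub(lambda m: m.group(1) + "[REDACTED]", rendered)
        record.args = None  # already interpolated; the raw args are dropped
        return True


def demo() -> str:
    """Log constructed sample events through the filter and return what was written."""
    sink = io.StringIO()
    handler = logging.StreamHandler(sink)
    handler.addFilter(RedactPlaintext())
    log = logging.getLogger("plaintext-demo")
    log.handlers[:] = [handler]
    log.propagate = False
    log.setLevel(logging.INFO)

    # Constructed events: secret as a format argument, in a JSON body, in a query string.
    log.info("login user=%s password=%s", "alice", "hunter2")
    log.info('request body: {"user": "bob", "token": "abc.def.ghi"}')
    log.info("GET /share?api_key=%s&page=2", "sk_test_123")
    return sink.getvalue()


if __name__ == "__main__":
    print(demo())
```

Redaction at the sink is a backstop: it does not cover tracebacks or secrets logged without a recognizable key, so the primary control remains not passing plaintext to the logger.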

How Vaulted uses Plaintext

In Vaulted, plaintext exists only in two places: the sender's browser (while they type the secret and during encryption) and the recipient's browser (after decryption). The plaintext is never sent over the network, never stored on the server, and never written to any log. The moment the browser tab is closed, the plaintext exists only in the user's memory or wherever they chose to copy it.