How we keep you safe.
Non-custodial, offline-first, and open source. Verify the threat model, architecture decisions, and cryptographic core yourself.
Three rules. No exceptions.
Non-custodial
We never hold the key to your funds, only you do. Frag-ment can't access, recover, or transmit your seed on your behalf, by design.
Offline-first
No internet connection is required, ever. Fragmentation, encryption, reconstruction: every operation runs entirely on your machine. No telemetry, no analytics, no background calls. Your seed phrase never touches the internet.
Open source core
The cryptographic engine (fragmentation, reconstruction, encryption) is open source and auditable on GitHub. You don't have to take our word that the math is right. You can verify it yourself.
Shamir fragmentation is safe by design.
Mathematically worthless in isolation. Each fragment reveals strictly nothing about the original seed phrase when held alone. This is not a probabilistic claim. It is an information-theoretic guarantee. No amount of computing power can extract the secret from a single fragment.
No single point of failure. Lose one fragment, have one stolen, have one destroyed, and nothing changes. The threshold scheme ensures that partial loss never becomes total loss. Your seed phrase survives accidents, theft, and time.
Battle-tested cryptography. SLIP39 has been implemented by SatoshiLabs since 2013. Shamir's Secret Sharing secures the DNS root keys that underpin the entire internet. This is not experimental. The math has been proven and audited for decades.
Read the SLIP39 specification →What we protect against. And what we don't.
Loss of one or several fragments
An M-of-N scheme is designed for this. As long as M fragments survive, your seed phrase can be fully reconstructed.Theft of a single fragment
An attacker holding fewer than M fragments learns nothing about your seed phrase.Single point of failure
No fire, no flood, no lost notebook can wipe out your access if your fragments are distributed across locations.Service shutdown or company failure
Frag-ment is non-custodial. If the project disappears tomorrow, your fragments still work; the format is an open source standard.
A compromised machine during fragmentation
If your computer has malware reading memory or keystrokes when you enter your seed phrase, no software can save you. Use a clean, preferably air-gapped device for the initial fragmentation. An old laptop, wiped and never reconnected to the internet, works perfectly.Coercion of M or more fragment holders
If someone forces M people to give up their fragments simultaneously, the seed phrase can be reconstructed. Adding an encryption password to each fragment provides an additional layer of protection. Even M combined fragments are useless without it.
Don't trust. Verify.
Open source cryptographic core
The fragmentation, reconstruction, and encryption logic is published on GitHub. You can read it, run it, test it, or fork it. We encourage independent review. View the repository →
Standards over invention
We use SLIP39 (standard developed by SatoshiLabs) for fragment formatting. Where standards exist and have been audited, we use them. We don't roll our own cryptography.
Independent security audit
A full security audit by a recognized firm is planned before the V1 stable release. The full report will be published. We will announce the date once contracted.
A second lock on every fragment.
Optional but powerful. Each fragment can be encrypted with a password before storage. Even someone who gathers enough fragments to reconstruct your seed phrase learns nothing without that password. It never leaves your memory. We never store it. It doesn't exist anywhere except where you put it.
Independent layers. The threshold scheme and the password protection operate independently. Breaking one doesn't compromise the other.
Password protection is part of the SLIP39 standard.
Decisions we made on your behalf.
Memory wiped after use
Your seed phrase exists in memory only during fragmentation, then is securely overwritten. It is never written to disk in plaintext, never cached, never logged.
No telemetry, no analytics
The application makes no outbound network calls during cryptographic operations. We do not collect usage data, crash reports, or any form of telemetry.
Optional encryption password
Each fragment can be encrypted with a password before storage. Even if a fragment is found, it remains useless without the password, adding a second layer of protection.
Standards over proprietary formats
Fragments use SLIP39 format, readable by any compatible tool. If Frag-ment ever disappears, your fragments remain usable with other software. No lock-in. No proprietary container.