The security model

Your secrets never
leave the device.

KeyRote is a memory trainer, so the safest place for a secret is your own head. While it lives in the app, here is exactly where it sits, how it is split apart, and how you can confirm none of it ever goes anywhere.

01

It works fully offline.

KeyRote does not have an account, a server, or a sync service. Everything happens on your iPhone. There is no network call to make, because there is nowhere for your secrets to go.

You do not have to take our word for it. iOS keeps a record of every connection an app makes, and you can read KeyRote’s for yourself.

Verify it yourself

  1. Open Settings on your iPhone.
  2. Go to Privacy & Security.
  3. Open App Privacy Report and turn it on if it isn’t already.
  4. Use KeyRote for a few days, then check it: KeyRote shows no network activity.
02

Two halves that can’t be rejoined.

A secret in KeyRote is stored apart from anything that says what it is. The value and its label live in two different places, each with its own random identifier, so neither half points to the other without the app itself.

The secret value

iOS Keychain

The actual PIN, passcode or password is held in the system Keychain — the same hardware-backed store iOS uses for its own credentials.

id · 7f2a…c19

The label & progress

A separate on-device database

The name you gave it, when you added it, and how your practice is going live in a local metadata database — with no copy of the secret itself.

id · 4b9e…a02

Each side carries its own independent identifier. Pick up one database on its own and there is no thread back to the other — only KeyRote, running on your unlocked phone, can bring the two together.

03

You choose how reversible it is.

For each secret you add, you decide how it is kept:

Recoverable

The secret can be read back by the app on your device. This is what makes graduated hints possible — a partial clue, an input check, a reveal. Best for things you are actively learning.

One-way & hashed

The secret is stored as a one-way hash. KeyRote can check whether what you typed is right, but it can never turn the hash back into the secret. No one — not even KeyRote — can reveal it.

04

Locked behind your phone.

KeyRote opens behind your phone’s own authentication — your biometrics or your device passcode. It leans on the protections already built into iOS rather than inventing its own, so the lock on your secrets is the same lock you already trust.

That’s the whole story. The rest is up to your memory.