← SHIPYARD/DAVEY_JONES_LOCKER.dmg ════════════════════════════════════════════════════════════════════════════════
Davy Jones is the spirit of the deep. His Locker is not a myth of death but of custody. Every ship the sea has claimed, every cargo sent to the bottom, every soul who disappeared over the rail at night went under his authority. Not lost. Claimed.
The Locker is the oldest metaphor for an impenetrable vault. Unreachable by salvage. Held at a depth no recovery operation has ever reached. What goes there is not gone. It is kept. The difference matters.
This vault operates on the same principle. What you store here is secured under post-quantum cryptography that every major government is actively racing to implement. The key exists nowhere in the world except in your memory. No workaround exists because none was built. What is sealed in this Locker stays sealed on your terms alone.
Quantum decryption is not a future threat. It is a present migration. Federal agencies are actively transitioning critical systems to post-quantum cryptographic standards, not as a contingency, but as an operational directive. If you are still relying on RSA or elliptic-curve encryption, you are accumulating liability that a quantum adversary can cash out retroactively. Every byte your current vault protects today can be captured now and decrypted later.
Davey Jones Locker was built for this reality.
DJL ships the full NIST post-quantum cryptographic stack: ML-KEM-1024 and ML-DSA-87, finalized in August 2024. That is its default key architecture. Not a future roadmap item. Not a beta toggle. It is the foundation every credential and file in the vault rests on, sealed by AES-256-GCM and hardened by an Argon2id key derivation function that makes brute-force attacks computationally catastrophic regardless of hardware.
But cryptographic compliance is the floor, not the ceiling.
Three scenarios define why operators need more than encryption.
SCENARIO ONE: DEVICE COMPROMISE. Someone has physical access to your machine. DJL's master key never touches disk. It lives only in volatile RAM while the vault is open. Lock it, and the key ceases to exist. There is no file to image, no keyfile to extract. The vault is a sealed container. Without the passphrase, the data inside is indistinguishable from random noise.
SCENARIO TWO: REMOTE INTRUSION. A threat actor has a persistent presence on your network and is watching for the moment you unlock. DJL's Dead Man's Switch runs a live background thread monitoring a user-configured check-in window. Miss it, and the vault destroys itself. No alert. No prompt. No trace of what was there. The auto-destruct threshold works the same way against brute-force login attempts: set your limit, and the vault executes on exceedance. No lockout screen. No data.
SCENARIO THREE: NEED TO DISAPPEAR. The situation has changed and the vault cannot be left behind. One command: Scuttle. Keyboard confirmation. The Vault Master Key is destroyed in RAM. Self-destruct does not erase your data. It makes it permanently useless. Every credential and file on disk becomes AES-256-GCM ciphertext with no key in existence to decrypt it. Any data recovered from storage media after self-destruct is permanently and mathematically inaccessible, indistinguishable from random noise. No forensic tool, however sophisticated, can recover your credentials or files without the key. The key no longer exists. Multi-pass overwriting is applied as supplementary best-effort hygiene on non-flash environments. Then the application removes itself from the host: binaries, caches, preferences, residual storage, and system index entries. The ship sinks. The locker goes to the bottom.
This is not a password manager with extra features. It is a precision instrument designed around the principle that operational security is not a setting. It is a discipline. DJL enforces it at every layer.
DJL destroys what it protects. DEEP_SIX destroys everything else.
────────────────────────────────────────────────────────────────────────────────
PROTOCOL 01: DEVICE COMPROMISE
THREAT ▸ Physical access. Disk imaging. Forensic extraction.
The master key never touches disk. It exists only in volatile RAM while the vault is open. Lock it, and the key ceases to exist. No file to image. No keyfile to extract. The vault is cryptographically sealed. Without the passphrase, the contents are indistinguishable from noise.
PROTOCOL 02: REMOTE INTRUSION
THREAT ▸ Persistent network presence. Brute-force attack. Surveillance window.
Dead Man's Switch monitors a user-set check-in window. Miss it, and the vault destroys itself. Silent. Automatic. Complete. Auto-destruct threshold triggers on failed logins. No lockout screen. No data.
PROTOCOL 03: SECURE DECOMMISSION
THREAT ▸ Device must be securely retired. No data can remain.
Scuttle. One command. One confirmation. The Vault Master Key is destroyed in RAM. All AES-256-GCM ciphertext on disk becomes permanently and mathematically inaccessible. Equivalent to NIST SP 800-88 Purge-class erasure, the same standard Apple uses for FileVault and Erase All Content. Any data recovered from storage media is indistinguishable from random noise. No forensic tool can recover your credentials or files without the key. The key no longer exists. Multi-pass overwriting is applied as supplementary best-effort hygiene on non-flash environments. Then the application removes itself: binaries, caches, preferences, system index entries. The ship sinks. The locker goes to the bottom.
────────────────────────────────────────────────────────────────────────────────
NIST CERTIFIED — THE SAME STACK FEDERAL AGENCIES ARE CURRENTLY SCRAMBLING TO ADOPT
STANDARDCERTIFICATIONCLASSIFICATIONOPERATIONAL DETAIL
AES-256-GCMFIPS 197 · NSA Suite BNSA SUITE B ALGORITHMAll credentials and file blobs encrypted with the same post-quantum key stack. The same algorithm used in TOP SECRET government systems.
ML-KEM-1024NIST FIPS 203 · Finalized Aug 2024FIPS 203 COMPLIANTImplements the official post-quantum key encapsulation standard. Most enterprise vendors are still in transition planning. DJL ships it as default.
ML-DSA-87NIST FIPS 204 · Finalized Aug 2024FIPS 204 COMPLIANTImplements the official post-quantum digital signature standard for vault header authentication and integrity verification.
Argon2idNIST SP 800-63B · PHC WinnerSP 800-63B RECOMMENDED64 MB memory / 3 iterations / 4 parallelism. Brute-force is computationally prohibitive at any hardware scale.
Cryptographic ErasureNIST SP 800-88 · Purge ClassSP 800-88 PURGE CLASSVMK destruction in RAM renders all AES-256-GCM ciphertext permanently and mathematically inaccessible, equivalent to NIST SP 800-88 Purge-class erasure, the same standard Apple uses for FileVault and Erase All Content. Recovered data is indistinguishable from random noise. No forensic tool can recover credentials or files without the key. Multi-pass overwriting applied as supplementary best-effort hygiene on non-flash environments.
────────────────────────────────────────────────────────────────────────────────
Credential Manifest: passwords, 2FA TOTP seeds with live auto-refreshing codes, and secure notes in one unified vault
Built-in TOTP authenticator: live one-time codes with countdown ring and QR code scanner; no separate authenticator app needed
Password generator: configurable length (8-128 chars), character sets, and real-time entropy bit display with five-tier strength rating
Clipboard auto-clear: copied passwords and TOTP codes wipe themselves after a configurable timeout (5s / 15s / 30s / 60s / off)
Sunken Vault: drag-and-drop encrypted file storage; Secure Bury mode cryptographically wipes the source file after encryption
Auto-Destruct: configurable brute-force threshold (1-20 attempts) destroys the Vault Master Key in RAM, permanently locking all ciphertext; manual Sink the Ship on demand
Dead Man's Switch: vault auto-wipes if a check-in is missed (12h / 24h / 72h / 7d / 30d); invisible to anyone who doesn't know it's active
Scuttle: one command demolishes all vault data and removes the application from the host system entirely
Key Rotation: re-encrypts every credential and file under fresh ML-KEM + ML-DSA keypairs in a single atomic transaction
Browser Extension Bridge: serves domain-matched usernames to the DJL Chrome extension over a local authenticated socket; passwords never leave the vault
Encrypted Audit Log: every vault action logged and encrypted with the VMK; 500-entry circular buffer, unreadable without your passphrase
Encrypted Backup: export a .djl archive protected by an independent export passphrase; safe for cold storage or external drives
Idle Auto-Lock: configurable inactivity timeout (1 / 5 / 15 / 30 min) with on-screen countdown in the final 30 seconds
Terminal Command Bar: keyboard-first command interface for power users; full session history echoed in a live terminal log panel
────────────────────────────────────────────────────────────────────────────────
⚠ Single-operator license. WARNING: Loss of master passphrase results in permanent, unrecoverable data loss. No backdoors exist. No recovery mechanism exists. Not for redistribution.
════════════════════════════════════════════════════════════════════════════════
Most people will never need what DJL offers. That is precisely the point. This is an invitation — not to a product, but to a standard of security that most consumer software will never attempt to reach. If you are still here, you already know the difference between a lock and a locker.
ACQUISITION_COST: $49.99 USD
SECURE PAYMENT VIA STRIPE · INSTANT DIGITAL DELIVERY · VERIFIED PRIVATEERS ONLY