Security

The app can’t leak what it can’t reach.

MetroVault doesn’t just avoid the network — it asks Android to deny it one. Everything else is defense in depth.

<!-- AndroidManifest.xml — the complete permission list -->
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.USE_BIOMETRIC" />
That’s the entire permissions manifest. Without android.permission.INTERNET, the operating system itself refuses the app any network access. It isn’t a setting you trust — it’s structural.

Dual-layer encryption

Wallet data is encrypted with AES-256-GCM using a key derived from your password (PBKDF2, 210,000 iterations), then wrapped again by the hardware-backed Android Keystore.

Hardware biometrics

Optional fingerprint or face unlock using BIOMETRIC_STRONG, cryptographically bound to the Keystore — not a cosmetic lock screen.

Plausible deniability

Set a second password that opens a separate decoy vault. Under duress, you can unlock the app without revealing your real wallets.

Brute-force protection

Failed logins trigger exponential backoff rate limiting, escalating to a 24-hour lockout. Guessing passwords gets expensive fast.

Optional auto-wipe

Turn on Wipe Data on Failed Login and the vault destroys all sensitive data after 4 wrong passwords.

Verify, don’t trust

GPL-3.0 code, reproducible F-Droid builds verified byte-for-byte against the source, and a fully documented security model.

Read the full security model

Honest comparison

Why not just buy a hardware wallet?

Dedicated signers are excellent devices, and this table is fair to them. MetroVault exists because a spare phone gets you real cold storage today — for free.

MetroVault on a spare phoneDedicated hardware signer
Price$0 — reuse a phone you already own$70–$250 for a new device
Verification screenFull-size touchscreen — read every address and output comfortablyOften a small display with abbreviated details
Supply chainAny phone, from any shop, bought any way — nothing links the purchase to bitcoinShipped to your address; the purchase itself says you own bitcoin
Secure elementAndroid Keystore (StrongBox/TEE on supported phones) under a general-purpose OSDedicated secure element with a tiny attack surface — the category’s core strength
Source codeFully open, GPL-3.0, reproducible builds on F-DroidVaries — some fully open, some partially or fully closed

If you already own a dedicated signer you trust, keep using it. MetroVault shines as a zero-cost entry into self-custody, a backup signer, or one independent key in a multi-sig quorum alongside other hardware.