ChainSimple // Neural Vault Terminal

Encrypt first. Broadcast second. Decrypt only when you choose.

This single-page terminal gives you a clean operator workflow for live wallet queries, local AES-GCM encryption, PBKDF2-derived keys, encrypted chain broadcasts, and later recovery of plaintext from a Whatsonchain plugin URL or pasted envelope JSON. The passphrase never needs to leave the browser.

Cipher AES-256-GCM
KDF PBKDF2 + SHA-256
Envelope Versioned JSON
Execution Local Browser Crypto

Network Access

Configure your uplink target and authorization. The API key is only used for calls to your ChainSimple service.

Node Control
Your ChainSimple API root. Change this if you deploy a different instance.

Broadcast Composer

Write a payload, optionally encrypt it locally, preview the final envelope, and broadcast to chain.

Encrypt + Publish
Plain text goes in here. When encryption is enabled, this text is encrypted in-browser before publication.
Select any file (PDF, PNG, MP3, ZIP, etc). File will be encrypted as binary data.
Encrypt before broadcast Recommended. Uses PBKDF2-SHA256 to derive an AES-GCM key from your passphrase.
Encrypted Mode
Keep this safe. The wrong passphrase will not decrypt the payload.
Higher values strengthen brute-force resistance but take longer.
Non-secret metadata label to help you identify the payload later.

Recovery & Decryption

Recover an encrypted payload from a plugin URL or paste the JSON envelope directly, then decrypt locally with the original passphrase.

Recovery Flow

System Console

Live execution status, network responses, payload previews, and envelope diagnostics.

Realtime Output
Standby Encrypted Mode WebCrypto Ready
Envelope Type
Algorithm
KDF
Iterations
Created At
Content Type
No envelope inspected yet.
chainsimple://neural-vault-terminal 
SYSTEM::READY
- Web Crypto API initialized
- AES-GCM encryption available
- PBKDF2 key derivation available
- Waiting for operator input...
For best security, never send the passphrase to your backend. Let the browser derive the key, encrypt before publishing, and decrypt only in local memory when recovery is needed.