// DOWNLOAD CYPHERRUM
Local-first vault encryption. One click away.
Pick your platform. Auto-update is built in (since v0.4) — this is the only time you'll do this manually.
- Download WindowsAuthenticode-signedWindows
CypherrumSetup-0.12.1.exe · 11.6 MB
Portable .zip · 10.7 MB - Download macOSmacOS
Cypherrum-0.12.1.dmg · 14.5 MB
First launch on macOS: until notarization ships, Gatekeeper warns. Right-click the app → Open → Open to bypass.
- Download LinuxLinuxDebian / Ubuntu
cypherrum_0.12.1_amd64.deb · 10.6 MB
Fedora / RHEL (.rpm) · 10.5 MB - Download Linux PortableLinux Portable
Cypherrum-Linux-Portable-0.12.1.tar.gz · 10.1 MB
Works on any Linux distro with fuse3 installed (sudo apt install fuse3 / sudo dnf install fuse3).
// SYSTEM REQUIREMENTS
Will this run on your machine?
Cypherrum's footprint is small — idle, it sits in your system tray and reacts to filesystem access on your unlocked vaults. No background indexing, no telemetry.
| Platform | Minimum OS | Required dependencies | Footprint |
|---|---|---|---|
| Windows | Windows 10 (1809) or later, 64-bit | Dokany kernel driver (MIT) — bundled in the installer, no extra step | Lightweight |
| macOS | macOS 12 Monterey or later | None — uses the OS-native WebDAV stack | Lightweight |
| Linux (Debian / Ubuntu) | Debian 12+ or Ubuntu 22.04+ | fuse3 package (sudo apt install fuse3) | Lightweight |
| Linux (Fedora / RHEL) | Fedora 38+ or RHEL 9+ | fuse3 package (sudo dnf install fuse3) | Lightweight |
// VERIFY YOUR DOWNLOAD
Two ways to prove the bytes are ours.
Authenticode (Windows). Cypherrum's Windows binaries — installer, GUI, service, and the E2E test runner — ship Authenticode-signed by Logiqum Korlátolt Felelősségű Társaság via Azure Artifact Signing (formerly Trusted Signing) since v0.11.1.
# Windows verification (PowerShell)
Get-AuthenticodeSignature CypherrumSetup-0.12.1.exe | Format-List
# Expected: Status=Valid
# SignerCertificate publisher="Logiqum Korlátolt Felelősségű Társaság" SHA-256 manifest (cross-platform).
Every release publishes a SHA256SUMS file
covering all binaries, plus SHA256SUMS.sig —
a detached signature on the manifest. Verify the manifest first, then your download.
# 1. Download SHA256SUMS + SHA256SUMS.sig from the release page
# 2. Verify the manifest signature with the Cypherrum release-signing key
gpg --import RELEASE-SIGNING-KEY.asc
gpg --verify SHA256SUMS.sig SHA256SUMS
# 3. Verify your binary matches the manifest
sha256sum -c SHA256SUMS --ignore-missing// AFTER INSTALLING
What happens next.
- STEP 1
Cypherrum starts in the system tray
Windows and macOS: look for the Cypherrum icon in the tray / menu bar. Linux: the background service starts on first run (enable at login via Settings → Service → Start at login).
- STEP 2
Create your first vault
Pick a location, a strong password, and you'll be shown a one-time recovery key — print it and store it offline. You won't see it again.
- STEP 3
Mount it
Cypherrum maps the vault to a drive letter (Windows), a /Volumes/ mount (macOS), or a ~/cypherrum/ mount (Linux). Drop files in. They're encrypted on the way down.
- STEP 4
Auto-update keeps you current
Cypherrum checks for updates in the background (since v0.4) and applies them between sessions. This is the only manual install you'll do.
📖 Full walk-through: the user guide covers sharing, recovery, Cryptomator import, password-manager unlock, and more.
// OLDER RELEASES & CHANGELOG
Need an older version or want to see what changed?
Cypherrum follows semantic versioning. The on-disk vault format has its own version number, documented in the vault format spec.
// READY?
Pick your install above ↑
Or learn more about how Cypherrum is built.