Start a 14-day trial
Security

Encrypted. Recoverable. Ransomware-resistant.

Encrypt on your Mac before upload. Verify both recovery paths at setup. Lock cloud snapshots so a compromised Mac can't delete them.

Start a 14-day trial Full trust report →

No card required

AES-256

Backed-up file contents are encrypted on your Mac before upload. Keys are not uploaded in plain text.

Verifiedat setup

Both recovery paths — passphrase and recovery code — must unwrap the data-encryption key before macup considers your account configured. No write-it-down-and-hope.

Object Lock

macup Cloud snapshots are held in compliance-mode retention for the window included with your plan.

Zero-knowledge, explained

We see ciphertext. Not content.

Client-side encryption means file contents are protected before upload. macup stores ciphertext and account metadata, not readable backup files.

How keys work

Two verifiable recovery paths, one convenience layer.

Privacy is only useful if recovery still works. macup verifies the two recovery paths it asks you to keep.

Verifiable · Required

Passphrase

At setup you pick a passphrase. macup derives a key from it using Argon2id and uses that key to wrap your data-encryption key. Only the ciphertext goes to our server. When you enter the passphrase on a new Mac, the client unwraps the key locally. macup does not receive the passphrase itself.

  • Verifiable: Setup checks that the passphrase can unwrap the key before macup marks recovery ready.
  • Rate-limited: 5 attempts per workspace per 15-minute window. Sustained brute-force attempts are throttled and alerted.
  • Rotatable: Change the passphrase from the dashboard any time.
Verifiable · Required

Recovery code

A cryptographically-random 256-bit code generated at setup, shown once, stored in your password manager. Wraps the data-encryption key independently of the passphrase, so forgetting one doesn't lock you out.

  • Verifiable: Setup checks that the recovery code can unwrap the key before macup marks recovery ready.
  • Machine-generated: 256 bits of entropy, not a human-chosen phrase. Not memorable. That's the point.
  • Rotatable: Regenerate a new code any time; old one is invalidated.
Convenience · Secondary

iCloud Keychain sync

When iCloud Keychain is on, the device Keychain can sync key material across your Apple-ID Macs. New Mac, sign in, and that convenience path may already be there.

Why this is secondary: macup cannot verify iCloud Keychain sync from a single Mac. Passphrase and recovery code are the recovery paths macup tests directly.
Recovery, in practice

What it looks like to come back from a lost Mac.

Sign in. Enter what you have. Your snapshots return. The keys never leave your machine.

  1. Sign in on a new Mac

    macup recognises your account, finds your encrypted snapshots, and asks for the key material. Nothing readable has been served yet.

  2. Enter your passphrase — or paste your recovery code

    Passphrase first. If you've lost it, paste your 256-bit recovery code instead. Either one unwraps the same data-encryption key, locally, on your Mac.

  3. Your snapshots come back

    Browse your last working state, pick what to restore, done. macup never received the passphrase or the recovery code in plain text.

Threat model

Five layers between an attacker and your data.

Concrete is more honest than vague. Hover any ring to see what macup does at that layer. The promise isn't that we stop everything; it's that the failure of any one layer doesn't compromise the layer beneath.

Your data

  • On the wire to the storage destination.

    • TLS to macup endpoints and storage destinations.
    • Backup payloads are encrypted before transfer.
    • Control-plane requests are separate from backup file contents.

Where the line is

macup does not protect against active malware or a rootkit on your Mac that can read files before they are encrypted. It does not protect against a compromised macOS Keychain when the attacker is already on the device. It does not protect against a passphrase you shared with someone you trusted, and it does not protect against a court order compelling you to disclose it. If any of these is your threat model, write to security@macup.app before you trial — we'd rather turn you down than mislead you.

Honest scoping

What changes between macup Cloud and BYOS.

Encryption and recovery are identical on either destination. Compliance-mode immutability is the macup Cloud difference.

Property
macup Cloud
BYOS
AES-256 client-side encryption
macup CloudBuilt-in
BYOSBuilt-in
Both recovery paths verified at setup
macup CloudBuilt-in
BYOSBuilt-in
Immutable retention a compromised Mac can't override
macup Cloud Built-in. Object Lock compliance mode, no opt-out.
BYOS Your bucket, your call. We surface the setting; the lock lives where the data does.

If ransomware-resistance is the property you came for, macup Cloud is the path that guarantees it. BYOS gives you the encryption and the recovery model — the cloud-side lock is whatever your bucket policy enforces.

Audits & transparency

We publish what we can verify. We wait until we can verify it.

Complete

Third-party penetration test

Completed 2026-Q1 by an independent firm. Scope: cloud control plane, daemon IPC, onboarding wizard. Report available under NDA.

In progress

SOC 2 Type II

Observation period started 2026-Q2. Target report: 2026-Q4. Trust center with control attestations coming soon.

Disclosure, bounty, compliance → full trust report
FAQ

About the security model.

Can macup read my data?

macup is designed so backed-up file contents are encrypted on your Mac before upload. The encryption key is wrapped by recovery material you control, and our cloud stores ciphertext rather than readable files.

What happens if I lose my passphrase AND my recovery code?

If you've also never signed into iCloud Keychain on another Mac with the account, your backups become permanently unreadable. This is the cryptographic property that makes the zero-knowledge claim real. That's why we require the passphrase at setup, require you to save the recovery code, and verify both unwrap correctly before we consider the account configured.

Is iCloud Keychain sync actually zero-knowledge?

iCloud Keychain sync is end-to-end encrypted by Apple under your Apple ID. Apple can't read the synced keys either. What macup specifically can't do is verify from a single Mac that Keychain sync is actually working — that's why we treat it as a convenience layer, not a primary recovery method.

Has macup been audited?

SOC 2 Type II is in progress (target 2026 Q4). A third-party penetration test was completed prior to launch; the report is available under NDA. Responsible disclosure runs through security@macup.app today; a scoped public bug bounty opens after SOC 2.

How do you handle key rotation?

Users can rotate the passphrase at any time from the dashboard — the server-side escrow ciphertext re-wraps with the new passphrase-derived key and old cipher is deleted. Recovery code rotation follows the same flow. Data-encryption keys themselves are not rotated by default (they would invalidate every past snapshot), but this is configurable per workspace.

Private. Recoverable. Immutable. Pick all three.

Start a 14-day trial. Set up the two-path recovery yourself, in five minutes.

Start a 14-day trial Read the trust report