Standard and distributed backups are encrypted using Blockcrypt, an open source encryption scheme based on AES-256-GCM that provides plausible deniability (watch episode).
Distributed backups are encrypted using sss, one of the most secure implementations of Shamir Secret Sharing, developed by Amber Sprenkels (a post-quantum computing PhD student in the Netherlands), before being encrypted (again) using Blockcrypt.
Blockcrypt encryption keys are derived using Argon2, a brute-force-resistant password-hashing function that won the 2015 Password Hashing Competition.
Fun fact: it would theoretically take 10,539,639 years to brute-force a Superbacked-generated 5-word passphrase using a MacBook Air with an M1 chip (we’re not kidding around).
Superbacked is an Electron app; therefore, even though its source code is proprietary, it can be audited (watch episode).
If you find a security vulnerability, please get in touch.