On this page

Importing Files to a Vault

Importing files into a vault encrypts them and adds them to the vault's encrypted storage. Once imported, files are visible in the Vault Browser and automatically replicated across all active storage locations.

Prerequisites

  • A vault must be open in the vault browser
  • A MASTER dongle must be connected (SLAVE dongles are read-only and cannot import)

Import Methods

Add Files Button

  1. Open a vault in the sidebar
  2. Click the Add Files button in the toolbar
  3. Select one or more files (or folders) from the file picker
  4. Files are encrypted and imported into the selected folder in the vault tree, or the vault root if no folder is selected

Drag and Drop from OS

You can drag files or folders directly from Windows Explorer (or your OS file manager) into the vault browser tree:

  1. Open a vault
  2. Drag files from your desktop or file manager onto a folder in the vault tree
  3. Drop them — the import begins immediately
  4. Files are encrypted and placed under the target folder

Tip

Drag-and-drop is the fastest way to import. Drop files onto a specific folder in the tree to control where they appear in the vault hierarchy.

What Happens During Import

When files are imported, the following steps occur for each file:

  1. Metadata record created — an encrypted record is created containing the filename, file ID, and parent folder
  2. Content encryption — the file content is encrypted using a unique key derived from the dongle's key material
  3. Primary write — the encrypted metadata and content are written to the primary storage location first
  4. Replication — the same encrypted files are copied to all other active, online locations (best-effort)
  5. Tree refresh — the vault browser refreshes to show the newly imported files

Each imported file receives its own unique encryption key. This means:

  • No two files share the same encryption key (even if they have the same content)
  • Your dongle's key material is used as a key source — your dongle never "runs out" due to vault operations

Importing Folders

When you import a folder (either via Add Files or drag-and-drop), the entire folder structure is preserved:

  • Each subfolder is recreated in the vault
  • Each file is encrypted individually
  • The original folder hierarchy is maintained in the vault browser

Encrypted Storage Format

Imported files are stored in an obfuscated on-disk layout. All filenames on disk are derived from random IDs — they reveal nothing about the original files. The cloud provider or anyone with access to the storage folder sees only random-named files with no recognizable structure.

Replication to Multiple Locations

After writing to the primary location, Necron Vault Manager replicates the encrypted objects to all other active and online locations:

  • If a location is offline (e.g., cloud sync folder not mounted), it is skipped. The missing files will be detected and repaired the next time the vault is opened with that location online.
  • Replication happens in the background so the import doesn't block your workflow.
  • After import, the tree is refreshed to show the new files.

Error Handling

If an error occurs during import:

  • Per-file errors are reported in the vault status area (e.g., permission denied, disk full)
  • Replication failures to secondary locations are logged but do not abort the import — the primary copy is always completed first
  • You can manually trigger a Vault Integrity Check to verify all locations are in sync

File Size Considerations

  • There is no hard file size limit for import
  • Each file is encrypted in a single operation, so it must fit in memory during import
  • Very large files (several GB) may require sufficient available RAM

Next Steps