> For the complete documentation index, see [llms.txt](https://oten.gitbook.io/drive-support/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://oten.gitbook.io/drive-support/shadow-layers/how-shadow-layers-work.md).

# How Shadow Layers work

Shadow Layers are Oten Drive's signature security feature. They exist for one situation ordinary encryption can't handle: **being forced to unlock.**

### The idea

A **Vault** is an encrypted container opened with a password. What most people don't see is that a vault can hold more than one **Shadow Layer** — independent, fully separate layers inside the same vault. Each layer has its own **password**, its own keys, and its own files.

When you unlock the vault, *which layer opens depends only on which password you type.*

* **One prompt, many destinations.** The vault always asks for a password the same way. One password opens a decoy layer; another opens your sensitive layer. Nothing hints that a second layer exists.
* **Visually identical.** Once inside, every layer looks and behaves like an ordinary vault — no badges, labels, or "this is the real one" indicators.
* **Undetectable.** There is no list, counter, or setting anywhere that reveals how many layers a vault has.

```mermaid
graph TD
    V["Vault — same password prompt for every layer"]
    V -->|decoy password| D["Decoy layer"]
    V -->|your password| R["Sensitive layer"]
    V -->|another password| X["Another layer"]
    D --- F1["Its own files & folders"]
    R --- F2["Its own files & folders"]
    X --- F3["Its own files & folders"]
```

There is no "real vs fake" label on these layers — they are independent, and you decide what lives in each.

### Why it's safe

* **Independent encryption.** Each layer is its own encrypted slot with its own keys. Knowing one password cannot decrypt, derive, or even detect another layer.
* **Hidden by design.** The unlock experience is identical no matter which password you enter. An observer can't tell that more than one layer exists — or prove that it does.
* **Local verification.** Passwords are checked on your device against the encrypted data itself. The server never sees a password and cannot say how many layers a vault has.

### What to keep where

You decide. A common pattern: keep believable, low-risk documents in a **decoy layer** (the one you'd open if compelled) and your real sensitive files in another layer. Because a vault can hold several layers, you can even keep a plausible "second" layer to reveal under sustained pressure while a third stays hidden.

> Next: Create a Shadow Layer · Use Shadow Layers · Unlock under inspection · Limits & recovery
