Lokvault

Autonomous AI · Android 10+

The first Android security agent that acts, not just alerts.

Lokvault watches every outbound socket, Bluetooth scan, USB handshake, file export, and permission elevation on your phone. Critical threats are killed instantly — lower-risk events surface as a one-tap "Fix" prompt vetted by an on-device AI consultant.

Try the live demo Android Studio guide

7-day free trial No root required Play Store ready

What it does

Nine surveillance modules, one calm dashboard

Auto-mitigation

Critical threats are killed the instant they're seen — the AI reports what it did, with no confirmation prompt.

AI consultant

Ask follow-up questions, request hardening, or dispute a fix in a per-alert chat thread.

Permissions audit

Sees every elevation in real time — background location, camera, microphone, SMS, accessibility.

Bluetooth & USB

Tracks every pair, scan, and handshake. Unknown nearby devices and untrusted peripherals are flagged.

Firewall & trackers

Per-app outbound socket control with a tracker blocklist that updates daily.

Malware scanner

Static + behavioural scan of installed APKs. Quarantines on detection without bricking the device.

Forensic logs

Every connection, scan, and export is timestamped and kept forever — even from past sessions.

Lockscreen guard

Biometric posture checks, failed-attempt tracking, and automatic re-lock on policy drift.

Family-friendly

Quiet by default. Only critical events buzz; everything else stays in the dashboard.

How it works

Detect → Triage → Act

Step 1

Detect

On-device sensors stream signals into Lokvault: sockets, intents, permission grants, BLE scans, USB descriptors, APK installs.

Step 2

Triage

The AI scores each event. Critical → auto-mitigate. Warning → surface as a one-tap Fix card. Normal → silent log.

Step 3

Act

Lokvault executes the fix on-device, writes an after-action report, and lets you discuss or revert in chat.

Pricing

Try free for 7 days, then choose your plan

7-day Trial

Free

No card · cancels automatically

Every module unlocked
AI consultant
Auto-mitigation

Ship Lokvault as a real Android app

The web preview is a fully working simulation. To turn it into a real Google Play product you wrap this UI in a Trusted Web Activity (TWA) and add native Play Billing. Everything you need is below.

Install Android Studio

Download Android Studio Ladybug (or newer) from developer.android.com/studio. Install the Android 14 (API 34) SDK, Platform-Tools, and the Google Play Licensing Library via SDK Manager.

Create the TWA project

New Project → Empty Activity → package app.sentinel.android, min SDK 24, language Kotlin. Add the Trusted Web Activities dependency to build.gradle:

implementation "androidx.browser:browser:1.8.0"
implementation "com.android.billingclient:billing-ktx:7.1.1"

Point the TWA at your hosted app

Publish this Lokvault app to your own HTTPS domain (Lovable → Publish). In AndroidManifest.xml, register a LauncherActivity extending androidx.browser.trusted.LauncherActivity with meta-data android:name="android.support.customtabs.trusted.DEFAULT_URL" pointing to your domain. Add a Digital Asset Links file at /.well-known/assetlinks.json on that domain.

Wire up Google Play Billing

Copy android/BillingManager.kt (included in this project) into app/src/main/java/app/sentinel/android/. It queries the three SKUs, launches the billing flow, and acknowledges purchases. Create matching SKUs in Play Console:

sentinel_trial_7d — 7-day free intro on a base plan
sentinel_monthly_999 — $9.99 monthly auto-renewing
sentinel_yearly_9900 — $99.00 yearly auto-renewing

Server-side receipt verification

This project already ships two server endpoints:

POST /api/public/play-verify — verify a purchase token via Google Play Developer API
POST /api/public/play-rtdn — Real-time Developer Notifications webhook (renewals, cancellations, refunds)

Add a Google Cloud service account with Android Publisher role, set GOOGLE_PLAY_SERVICE_ACCOUNT_JSON and GOOGLE_PLAY_RTDN_SECRET as secrets.

Upload to Google Play Console

Run ./gradlew bundleRelease to produce an .aab. In Play Console: create app → set up store listing (screenshots from the running app) → upload the bundle to Internal testing first. After QA, promote to Closed → Open → Production. Expect 2–7 days for the first review.

Files included in this project

Look in the android/ folder for ready-to-paste scaffolding:

android/README.md — full step-by-step guide
android/app/build.gradle.kts — Gradle config with Billing 7.x
android/app/src/main/AndroidManifest.xml — TWA launcher
android/app/src/main/java/.../BillingManager.kt — Play Billing wrapper
android/app/src/main/java/.../MainActivity.kt — TWA + entitlement bridge
android/assetlinks.json — drop into /.well-known/ on your domain

Be informed

Pros & cons of shipping to Google Play

Pros

Distribute to billions of users via the Play Store
Google Play Billing handles cards, taxes, refunds, and renewals
Auto-updates over-the-air via Play
Native APIs (VpnService, AccessibilityService) unlock real mitigation
User trust signals: Play Protect verified, reviews, install counts

Cons

First review takes 2–7 days; later updates 1–3 days
Google takes 15–30% of revenue (15% under $1M/yr)
Some sensitive permissions (Accessibility, VPN) need extra Play review
TWA can't access native Android security APIs — for that you need a native build
Per-developer-account fee: $25 one-off

Ready to harden your Android?

Open the live dashboard, watch Lokvault auto-mitigate a real threat in front of you, then follow the setup guide to ship it on Google Play.

Open dashboard Ask the AI