I noticed the Bitwarden app on my iPhone is included in my iCloud Backup, which is taking up 9.9MB. That makes me think it includes the encrypted Vault (i.e., it’s not just the user preference settings that are backed up). I understand that “encryption key is persisted in the iOS keychain” and from what I can tell the iCloud Backup of my phone includes that encryption key – I took a look at the Bitwarden mobile repo on Github, and it looks like Bitwarden for iOS uses Xamarin’s SecureStorage API with the default SecAccessible property, which is AfterFirstLock (i.e., it’s included in iCloud Backup and it can be restored even to a different device, unlike, e.g., AfterFirstUnlockThisDeviceOnly).
I read that iCloud Backups are not end-to-end encrypted (i.e., Apple can access the content). E.g., here and here. If Apple can access my iCloud Backup of my iPhone, does that also mean Apple can technically access all my passwords?
