Does rotating encryption key happen locally or on the server?

I changed the master password to my account and also rotated the encryption key too but noticed that it happened very fast. This got me wondering if the encryption keys are rotated on my local computer or on the server.

If it’s done on the server that seems to be a security issue as the server would know the encryption key. If it’s done locally then it’s no issue at all.

Does anyone know if the rotating the encryption key happens locally or on the server?

It happens on the server. You’ll have to log out completely of all your clients and log back in to get the new keys.

Is this not a security issue because the encryption key needs to be in plaintext to rotate?

Apologies for not being clearer - the swapping happens in the local (web) client, then the data gets sent to the server.


Thanks! I feel better now.