There's enough in their service description to not trust them.
The way the system is described, you encrypt a file on your device, upload both the key and the file to the cloud, then the receiver downloads both the file and the key.
The "encryption key storage" is central to how the whole thing works. It's also a dumb idea. The only thing I can think is that it allows a file to be delivered out-of-band, but the inescapable fact is that decryption material is available to at least one other party.
Each email or file has its own unique key, which is stored
in and protected by a keystore in my butt. By default,
the Virtru keystore is used, but advanced users will be
able to operate their own key stores.
Our base case is indeed symmetric for each message (the key distribution is over Elliptic Curve Diffie Hellman Ephemeral).
The number one reason why we allow for symmetric message keys is to allow you to send an encrypted message to anyone, even if they don't have public keys somewhere. Distributing and using private/public keys in a trusted AND easy to use way is a problem we're currently working to solve, and will add as soon as we get that done in a way that doesn't make our software so hard to use that people stop using it.
The way the system is described, you encrypt a file on your device, upload both the key and the file to the cloud, then the receiver downloads both the file and the key.
Look at the diagrams here: https://www.virtru.com/how-virtru-works
The "encryption key storage" is central to how the whole thing works. It's also a dumb idea. The only thing I can think is that it allows a file to be delivered out-of-band, but the inescapable fact is that decryption material is available to at least one other party.