mirror of
https://github.com/samvallad33/vestige.git
synced 2026-07-04 22:02:14 +02:00
The portable archive is encrypted on the client before upload and decrypted after download, so the hosted service only ever stores ciphertext — true zero-knowledge. The passphrase (VESTIGE_CLOUD_ENCRYPTION_KEY) is independent of the bearer sync key and never leaves the device.

- new cloud_crypto module: Argon2id KDF + XChaCha20-Poly1305 AEAD, self-describing envelope (MAGIC|version|salt|nonce|ciphertext+tag)
- HttpPortableSyncBackend encrypts on write / decrypts on read; transparent upgrade of legacy plaintext archives; clear error if remote is encrypted but no passphrase is set
- sync_portable_archive_cloud takes optional encryption_key
- CLI surfaces encryption status (on/off) on sync
- 6 crypto tests (roundtrip, wrong-key, tamper detection, non-determinism, envelope detection); E2E verified: server blob is ciphertext, passphrase device recovers, no-passphrase device cannot decrypt

491 core tests green, clippy -D warnings clean.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

| | | |
|---|---|---|
| .. | ||
| bin | ||
| dashboard | ||
| protocol | ||
| resources | ||
| tools | ||
| autopilot.rs | ||
| cognitive.rs | ||
| dashboard.html | ||
| graph.html | ||
| lib.rs | ||
| main.rs | ||
| server.rs | ||