Technical Documentation
The Zero-Knowledge Protocol
An overview of Vaulternix's ephemeral architecture and security model.
1. Introduction
Vaulternix is designed to operate without a persistent database for user content. Unlike traditional "End-to-End Encrypted" (E2EE) apps that store encrypted blobs on a central server, Vaulternix aims for a RAM-only existence.
2. Architecture
The system relies on a mesh of ephemeral nodes established via WebRTC.
[Diagram] CLIENT A (Keys in RAM) -- WebRTC -- SIGNALING SERVER (Handshake Only) -- P2P -- CLIENT B (Keys in RAM)
3. Cryptography Standards
- Encryption: AES-256-GCM for content payload.
- Key Exchange: ECDH (Elliptic Curve Diffie-Hellman) on Curve25519.
- Signatures: Ed25519 for identity verification (optional).
- Randomness: `crypto.getRandomValues()` (CSPRNG).
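How the primitives listed above fit together for one message, as an added example that is not Vaulternix's own code. It runs under Node.js with the built-in crypto module. The HKDF-SHA-256 step, the `demo-session` label, the 12-byte nonce and all function names are assumptions, since the page does not say how the ECDH output becomes an AES key.

```javascript
const nodeCrypto = require('node:crypto');

// Each peer creates an ephemeral X25519 key pair that lives only in memory.
function newPeer() {
  return nodeCrypto.generateKeyPairSync('x25519');
}

// ECDH on Curve25519, then HKDF-SHA-256 down to a 256-bit AES key.
// Assumption: HKDF and the 'demo-session' info label; the page names no KDF.
function deriveKey(myPrivate, peerPublic) {
  const shared = nodeCrypto.diffieHellman({ privateKey: myPrivate, publicKey: peerPublic });
  const okm = nodeCrypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'demo-session', 32);
  return Buffer.from(okm);
}

// AES-256-GCM with a fresh random 96-bit nonce per message (CSPRNG).
function seal(key, plaintext) {
  const iv = nodeCrypto.webcrypto.getRandomValues(new Uint8Array(12));
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv: Buffer.from(iv), body, tag: cipher.getAuthTag() };
}

// Returns the plaintext, or null when the GCM tag does not verify.
function unseal(key, msg) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  decipher.setAuthTag(msg.tag);
  try {
    return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // wrong key or modified ciphertext
  }
}

// Constructed run: A and B agree on a key, B opens A's message,
// and a single flipped ciphertext bit is rejected.
function demo() {
  const a = newPeer(), b = newPeer();
  const keyA = deriveKey(a.privateKey, b.publicKey);
  const keyB = deriveKey(b.privateKey, a.publicKey);
  const msg = seal(keyA, 'hello from A');
  const tampered = { ...msg, body: Buffer.from(msg.body) };
  tampered.body[0] ^= 0x01;
  return { keysMatch: keyA.equals(keyB), opened: unseal(keyB, msg),
           tamperedOpened: unseal(keyB, tampered), msg, a };
}
```

The key agreement here is unauthenticated, so it only covers the passive observer named in the threat model. Binding each public key to an identity is the job of the optional Ed25519 signatures.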
4. Threat Model
Vaulternix protects against:
- Passive Network Monitoring (ISP/Govt surveillance).
- Server Seizure (No data at rest on disk).
- Database Leaks (No database exists).
Limitations: We cannot protect against a compromised endpoint device (e.g., malware on your phone taking screenshots).
Open Source Verification
The core crypto libraries are open source. You can audit the build.
git clone https://github.com/advlst/vaulternix-core