Koofr Vault is an open-source, client-side encrypted folder for your Koofr cloud storage offering an extra layer of security for your most sensitive files.

Related tags

Cryptography vault
Overview

Koofr Vault

Koofr Vault

build status

https://vault.koofr.net

Koofr Vault is an open-source, client-side encrypted folder for your Koofr cloud storage offering an extra layer of security for your most sensitive files. The encryption is compatible with rclone.

Tech stack

Koofr Vault is divided into two parts: the engine and the UI. The engine, made up of vault-core and vault-wasm, is written in Rust and compiled to WebAssembly. The UI, vault-web, is written in React and uses Vite for frontend tooling. There is no server component; Koofr Vault only uses the public Koofr REST API.

Build and run locally

The easiest way to run Koofr Vault locally is to build and run it with Docker. This will compile the app and build a Docker image using Caddy web server.

docker build --build-arg GIT_REVISION=$(git rev-parse --short HEAD) -t vault .

docker run --rm -p 5173:5173 vault

You can now open http://localhost:5173 in your browser.

Build static files

Alternatively, you can build static files, which will produce vault-web.tar.gz file with the static files:

docker build --build-arg GIT_REVISION=$(git rev-parse --short HEAD) --target static-stage -t vault-static .

docker run --rm vault-static cat vault-web.tar.gz > vault-web.tar.gz

Development

For development instructions, see the vault-wasm README and vault-web README.

Reproducibility

Koofr Vault is built using GitHub Actions and published as a GitHub Release. You can download a release .tar.gz file and run it locally, or use the extracted files from the release to verify what https://vault.koofr.net is serving. The current deployed Git revision can be found at https://vault.koofr.net/gitrevision.txt

Example:

mkdir koofr-vault-check
cd koofr-vault-check

wget https://github.com/koofr/vault/releases/download/v0.1.0/vault-web.tar.gz

tar xf vault-web.tar.gz

allok=true

for path in $(tar tf vault-web.tar.gz | grep -v './$' | sort); do
  local=$(sha256sum "$path" | awk '{print $1}')
  remote=$(curl -s "https://vault.koofr.net/${path:2}" | sha256sum | awk '{print $1}')
  if [ "$local" = "$remote" ]; then
    echo "$path OK"
  else
    echo "$path MISMATCH (local $local remote $remote)"
    allok=false
  fi
done

if [ "$allok" = "true" ]; then
  echo "OK"
else
  echo "MISMATCH"
fi

Contributing

If you have a bug report, please send the report to [email protected]. If you are considering contributing to the Koofr Vault code, please contact us in order to discuss your intended contribution first, as we can not afford the effort to review arbitrary contributions at the moment.

Authors and acknowledgement

Koofr Vault was developed and designed by the Koofr team.

We would like to extend a huge thank you to rclone for their encryption implementation.

License

Koofr Vault is licensed under the terms of the MIT license.

You might also like...
Distributed Vault For Your Secrets
Distributed Vault For Your Secrets

https://meta-secret.github.io Application Design Activity Diagram graph TD User -- |split password| MSS{MetaSecret} MSS -- |split| Hash1

An encrypted multi client messaging system written in pure Rust

๐Ÿšฉ Preamble This is a pure Rust multi-client encrypted messaging system, also known as Edode's Secured Messaging System. It is an end-to-end(s) commun

The Fastest and most Advanced Ethereum Client

The Fastest and most Advanced Ethereum Client. ยป Download the latest release ยซ Table of Contents Description Technical Overview Building 3.1 Building

Draw routes in MapLibre snapped to a street network using client-side routing
Draw routes in MapLibre snapped to a street network using client-side routing

MapLibre route snapper This plugin lets you draw routes in MapLibre GL that snap to some network (streets, usually). Unlike similar plugins that send

High-level networking library that extends the bevy_replicon library to allow snapshot interpolation and client-side prediction

bevy_replicon_snap A Snapshot Interpolation plugin for the networking solution bevy_replicon in the Bevy game engine. This library is a very rough pro

PolkaBTC Clients | Vault, Staked Relayer, Oracle, Faucet
PolkaBTC Clients | Vault, Staked Relayer, Oracle, Faucet

PolkaBTC Clients Faucet, Oracle, Vault & Staked Relayer This project is currently under active development. Prerequisites Download and start Bitcoin C

Simple (not simplest) UST vault that integrate with Anchor Protocol

Simple (not simplest) UST Vault Building a simple UST Vault that generate yield from Anchor while also have UST reserved for lending, and etc. This co

An example re-entrancy attack on a flashloan vault.

CosmWasm re-entrancy Exploit Example The exploit example is located in contracts/liquidity_hub/vault-network/exploit_contract. A vault in contracts/li

Audit Cargo.lock files for dependencies with security vulnerabilities

RustSec Crates ๐Ÿฆ€ ๐Ÿ›ก๏ธ ๐Ÿ“ฆ The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via crates.io. The a

Owner
Koofr
Because my data matters.
Koofr
An open source desktop wallet for nano and banano with end-to-end encrypted, on chain messaging using the dagchat protocol.

An open source wallet with end-to-end encrypted, on chain messaging for nano and banano using the dagchat protocol.

derfarctor 22 Nov 6, 2022
Dione is an anonymize and encrypted messaging system build on top on a peer to peer layer.

Secure and Anonymous Messaging WARNING: Currently Dione is not ready to be used nor does it fulfill its goal of being an anonymous messenger. In order

Dione 41 Jan 5, 2023
A simple key-value store with a log-structured, append-only storage architecture where data is encrypted with AES GCM.

akvdb A simple key-value store with a log-structured, append-only storage architecture where data is encrypted with AES GCM. Modified from the actionk

Olle W 3 Oct 10, 2022
Open Protocol Indexer, OPI, is the best-in-slot open-source indexing client for meta-protocols on Bitcoin.

OPI - Open Protocol Indexer Open Protocol Indexer, OPI, is the best-in-slot open-source indexing client for meta-protocols on Bitcoin. OPI uses a fork

Best in Slot 33 Dec 16, 2023
Aptos-core strives towards being the safest and most scalable layer one blockchain solution.

Aptos-core strives towards being the safest and most scalable layer one blockchain solution. Today, this powers the Aptos Devnet, tomorrow Mainnet in order to create universal and fair access to decentralized assets for billions of people.

Aptos Labs 4.7k Jan 6, 2023
Automated security testing for open source libraries and applications.

autovet continuously searches for security breaches in open source libraries and applications. Recently processed packages package version channel las

null 5 Aug 23, 2022
Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy ๐Ÿ‘๐Ÿ†

privacy-sexy Open-source tool to enforce privacy & security best-practices on Windows and MacOs, because privacy is sexy ?? ?? privacy-sexy is a data-

Subconscious Compute 3 Oct 20, 2022
A Rust implementation of the Message Layer Security group messaging protocol

Molasses An extremely early implementation of the Message Layer Security group messaging protocol. This repo is based on draft 4 of the MLS protocol s

Trail of Bits 109 Dec 13, 2022
Smarter brute-force password searching for PKZIP encrypted files

Zip Blitz Motivation This program was created for a very specfic problem I had. I had a large encrypted zip file that I lost/forgot the password for.

Michael 4 Jul 29, 2022
reth-indexer reads directly from the reth db and indexes the data into a postgres database all decoded with a simple config file and no extra setup alongside exposing a API ready to query the data.

reth-indexer reth-indexer reads directly from the reth db and indexes the data into a postgres database all decoded with a simple config file and no e

Josh Stevens 306 Jul 12, 2023