Skip to main content

Crate microkv

Crate microkv 

Source
Expand description

microkv is a minimal, security-focused key-value store for sensitive data, with encrypted persistence to disk.

Every store is encrypted, with values sealed with ChaCha20-Poly1305 under a key derived from a password (scrypt, or argon2 behind a feature flag) or supplied directly. Data is organized into isolated namespaces (“trees”), persisted atomically, and key material is held in memory-locked, auto-zeroed storage.

use microkv::{MicroKV, Credential};

let db = MicroKV::in_memory(Credential::password("p@ssw0rd")).unwrap();
db.put("answer", &42u32).unwrap();
let answer: u32 = db.require("answer").unwrap();
assert_eq!(answer, 42);

Structs§

Config
Open-time knobs. Everything defaults: Config { read_only: true, ..Default::default() }.
KdfParams
Opaque KDF parameters.
MicroKV
The database handle. Cheap to clone (Arc-backed); all clones share one store.
Secret
A wrapper marking a decrypted value as sensitive.
Tree
A handle to a single namespace within a MicroKV store.
Txn
A batch of operations applied atomically by MicroKV::transaction.

Enums§

AutoSave
When to flush to disk.
Credential
How to unlock a store. Encryption is mandatory — there is no plaintext option.
Error
Anything that can go wrong. Non-exhaustive; match with a wildcard arm.
LockMode
Cross-process locking, via a sidecar .lock file.

Type Aliases§

Result
Result with the crate’s Error.
SecretString
A password held in memory that is zeroized when dropped.