engine/snapshot/mod.rs
1// Copyright 2020-2021 IOTA Stiftung
2// SPDX-License-Identifier: Apache-2.0
3
4#![allow(clippy::upper_case_acronyms)]
5
6//! This crate defines and implements the encrypted offline storage format used by
7//! the Stronghold ecosystem.
8//!
9//! The format has a header with version and magic bytes to appease applications
10//! wishing to provide file-type detection.
11//!
12//! The data stored within a snapshot is considered opaque and uses 256 bit keys.
13//! It provides recommended ways to derive the snapshot encryption key from a user
14//! provided password. The format also allows using an authenticated data
15//! bytestring to further protect the offline snapshot files (one might consider
16//! using a secondary user password strengthened by an HSM).
17//!
18//! The current version of the format is using X25519 together with an ephemeral
19//! key to derive a shared key for the symmetric XChaCha20 cipher and uses the
20//! Poly1305 message authentication algorithm.
21
22//! Future versions, when the demands for larger snapshot sizes and/or random
23//! access is desired, might consider encrypting smaller chunks (B-trees?) or
24//! similar using per chunk derived ephemeral keys.
25
26mod compression;
27pub mod files;
28mod logic;
29pub mod migration;
30
31pub use compression::{compress, decompress, Lz4DecodeError};
32pub use logic::*;