identikey/recrypt

Recrypt: Quantum-Resistant Proxy Recryption System

Status: Phase 8, Documentation & Deployment (approaching 1.0)
Version: 0.1.0


Overview

Recrypt is a quantum-resistant proxy recryption system enabling secure, revocable file sharing with untrusted storage providers. Built on lattice-based cryptography (OpenFHE) with post-quantum signatures (liboqs), it provides end-to-end encryption where files can be shared without exposing private keys or plaintext to any intermediary.

Core ideas

Proxy recryption. A semi-trusted proxy transforms ciphertext encrypted for Alice into ciphertext for Bob without ever decrypting it. The storage provider facilitates sharing without access to plaintext, and access can be revoked without re-encrypting the file.

Hybrid encryption (KEM-DEM). A 256-bit symmetric key is wrapped with the post-quantum PRE backend (KEM); bulk data is encrypted with XChaCha20 + Bao (DEM). Only the wrapped key (~KB) is recrypted on share, never the file itself.

Pluggable PRE backends. OpenFHE BFV is the post-quantum default; a mock backend exists for fast testing.
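The share flow described under "Proxy recryption" and "Hybrid encryption" above, as an added example that is not code from the Recrypt repository: the proxy transforms only the wrapped key, and the stored file ciphertext is never touched. It assumes a classical BBS98-style ElGamal scheme over a tiny constructed group in place of OpenFHE BFV (so it is not post-quantum) and a splitmix64 XOR keystream in place of XChaCha20 + Bao; all function names and secrets are hypothetical.

```rust
// Toy parameters (constructed): P = 2*Q + 1 is a safe prime, G generates the order-Q subgroup.
const P: u64 = 2039;
const Q: u64 = 1019;
const G: u64 = 4;

fn pow_mod(mut b: u64, mut e: u64, m: u64) -> u64 {
    let mut acc = 1;
    b %= m;
    while e > 0 {
        if e & 1 == 1 { acc = acc * b % m; }
        b = b * b % m;
        e >>= 1;
    }
    acc
}
fn inv_q(x: u64) -> u64 { pow_mod(x, Q - 2, Q) } // Fermat inverse, Q is prime

// KEM: the capsule G^(sk*r) is the "wrapped key"; G^r is the DEM key it protects.
fn encapsulate(pk: u64, r: u64) -> (u64, u64) { (pow_mod(pk, r, P), pow_mod(G, r, P)) }
fn decapsulate(sk: u64, capsule: u64) -> u64 { pow_mod(capsule, inv_q(sk), P) }
// Recryption key sk_to/sk_from mod Q: turns G^(a*r) into G^(b*r) without computing G^r.
fn recryption_key(sk_from: u64, sk_to: u64) -> u64 { sk_to * inv_q(sk_from) % Q }
fn recrypt(rk: u64, capsule: u64) -> u64 { pow_mod(capsule, rk, P) }

// Toy DEM: XOR with a splitmix64 keystream. Stand-in for XChaCha20 + Bao; no integrity.
fn dem(key: u64, data: &[u8]) -> Vec<u8> {
    let mut s = key;
    data.iter().map(|byte| {
        s = s.wrapping_add(0x9E3779B97F4A7C15);
        let mut z = (s ^ (s >> 30)).wrapping_mul(0xBF58476D1CE4E5B9);
        z = (z ^ (z >> 27)).wrapping_mul(0x94D049BB133111EB);
        byte ^ ((z ^ (z >> 31)) as u8)
    }).collect()
}

// Returns (stored ciphertext, Bob's plaintext after recryption, Bob's output without it).
fn share_demo(file: &[u8]) -> (Vec<u8>, Vec<u8>, Vec<u8>) {
    let (a, b, r) = (123, 456, 789); // constructed secrets; real ones are random
    let (capsule, key) = encapsulate(pow_mod(G, a, P), r);
    let stored = dem(key, file); // bulk ciphertext: uploaded once, never recrypted
    let rk = recryption_key(a, b); // created by Alice, held by the proxy
    let for_bob = recrypt(rk, capsule); // the proxy touches only the capsule
    let via_share = dem(decapsulate(b, for_bob), &stored);
    let no_share = dem(decapsulate(b, capsule), &stored); // wrong key
    (stored, via_share, no_share)
}

fn main() {
    let (stored, via_share, no_share) = share_demo(b"constructed sample file");
    println!("stored={:02x?}\nshared={:?}\nunshared={:02x?}", stored,
        String::from_utf8_lossy(&via_share), no_share);
}
```

In this toy, revoking a share means the proxy discarding rk: the stored ciphertext and Alice's capsule are unchanged.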


Quick start

Build

just setup          # first time: submodules + C/C++ deps + build
just build-release  # subsequent release builds

See Development for prerequisites.

Use the CLI

# Create an identity (ED25519 + ML-DSA-87 keypair, stored in an encrypted wallet)
recrypt identity new

# Encrypt / decrypt locally (--for selects the recipient identity)
recrypt encrypt myfile.txt --for alice --output myfile.enc
recrypt decrypt myfile.enc --output myfile.txt

# Register an account and upload a file to the proxy
recrypt --server https://recrypt.example.com account register
recrypt --server https://recrypt.example.com file upload myfile.enc

# Share with a recipient (generates a recryption key for the proxy)
recrypt share create <file-hash> --to <recipient-pubkey>

# Recipient downloads; the proxy recrypts the wrapped key on the fly
recrypt share download <share-id> --output myfile.txt

Run recrypt --help (and recrypt <command> --help) for the full command set: identity, encrypt, decrypt, account, file, share, config, wallet.

For a guided walkthrough see docs/user-guide.md.


Repository structure

recrypt/
├── crates/
│   ├── recrypt-ffi/            # Safe Rust API over OpenFHE + liboqs + ed25519
│   ├── recrypt-openfhe-sys/    # Low-level CXX bridge to OpenFHE C++
│   ├── recrypt-core/           # PRE backends, hybrid encryption, signatures
│   ├── recrypt-wire/           # Wire protocol (Gordian Envelope + Bao)
│   ├── recrypt-storage/        # S3-compatible content-addressed storage
│   ├── identikey-storage-auth/ # Auth service (capabilities, ownership)
│   └── recrypt-client/         # Generated Rust HTTP client (from OpenAPI)
├── recrypt-server/             # Recryption proxy server (Axum)
├── recrypt-cli/                # Command-line interface
├── recrypt-client-ts/          # Generated TypeScript HTTP client
├── tests/e2e/                  # E2E test harness (36 tests)
├── docs/                       # Architecture, standards, decisions
└── vendor/                     # OpenFHE, liboqs (git submodules)

Architecture

                      ┌──────────────────┐
                      │   recrypt-cli    │  workflows, wallet, HTTP client
                      └────────┬─────────┘
                               │ reqwest (HTTP)
                               ▼
                      ┌──────────────────┐
                      │  recrypt-server  │  Axum proxy, auth middleware, routes
                      └────────┬─────────┘
          ┌────────────────────┼──────────────────┐
          ▼                    ▼                  ▼
┌──────────────────┐ ┌──────────────────┐ ┌──────────────────────────┐
│   recrypt-core   │ │   recrypt-wire   │ │   recrypt-storage        │
│  crypto objects  │ │   wire format    │ │  content-addressed blobs │
└────────┬─────────┘ └──────────────────┘ └──────────────────────────┘
         ▼
┌──────────────────┐           ┌──────────────────────────┐
│   recrypt-ffi    │           │  identikey-storage-auth  │
│  OpenFHE+liboqs  │           │  capabilities, ownership │
└────────┬─────────┘           └──────────────────────────┘
         ▼
┌────────────────────┐
│ recrypt-openfhe-sys│  raw CXX bridge to OpenFHE C++
└────────────────────┘

See docs/architecture.md for per-crate ownership and the full dependency graph.

Crates

| Crate | Purpose |
| --- | --- |
| recrypt-ffi | Safe Rust API over OpenFHE + liboqs |
| recrypt-openfhe-sys | Low-level CXX bridge to OpenFHE C++ |
| recrypt-core | PRE backends, hybrid encryption, signatures |
| recrypt-wire | Wire protocol (Gordian Envelope + Bao) |
| recrypt-storage | S3-compatible content-addressed storage |
| identikey-storage-auth | Auth service for storage access |
| recrypt-client | Generated Rust HTTP client |

Binaries & clients

| Component | Purpose |
| --- | --- |
| recrypt-server | Recryption proxy (holds recryption keys, never secrets) |
| recrypt-cli | Command-line interface |
| recrypt-client-ts | Generated TypeScript client for the proxy API |

Both HTTP clients are generated from the utoipa-annotated handlers in recrypt-server (single source of truth → openapi.json → codegen). Regenerate with just openapi-regen.


Key features

Cryptography

  • OpenFHE BFV lattice-based proxy recryption (post-quantum)
  • ED25519 (classical) + ML-DSA-87 (post-quantum) dual signatures
  • Multi-signature authorization (all keys must sign)
  • Blake3 for all hashing; Blake3/Bao tree mode for streaming integrity
  • XChaCha20 + Bao authenticated symmetric encryption

Storage

  • S3-compatible storage (Minio for dev, any S3 backend for prod)
  • Content-addressed by Blake3 hash
  • Separate auth service controls access by public key → file hash
  • Chunked streaming for large files

API & interfaces

  • HTTP REST API (Axum) with OpenAPI schema
  • CLI with encrypted wallet (Argon2id + XChaCha20-Poly1305), OS-keychain caching
  • Generated Rust and TypeScript clients

Security model

Trust assumptions

| Component | Trust level | Notes |
| --- | --- | --- |
| Storage provider | Untrusted | Sees only ciphertext + wrapped keys |
| Recryption proxy | Semi-trusted | Has recryption keys, not secret keys; self-hostable |
| Auth service | Trusted | Controls access; can be self-hosted |
| Client | Trusted | Holds secret keys |

Cryptographic guarantees

  • E2E encryption: plaintext never leaves the client
  • Quantum resistance: lattice-based PRE + ML-DSA-87 signatures
  • Per-file keys: fresh random symmetric key per file
  • Streaming integrity: Blake3/Bao verification during download

See docs/threat-model.md and docs/security-tiers.md for the full model.


Development

Prerequisites

  • Rust (stable, edition 2024)
  • OpenFHE C++ library + liboqs (built via just build-deps; vendored as submodules)
  • OpenMP: brew install libomp on macOS
  • Docker (for the Minio S3 development environment)

Common commands (via Just)

just build            # build the workspace
just test             # run all tests (--test-threads=1; OpenFHE global state)
just lint             # clippy
just format           # rustfmt
just test-e2e         # E2E harness (mock backend, ~30s)
just minio-up         # start Minio for S3 development
just openapi-regen    # regenerate Rust + TS clients from the server schema

Testing

  • Per-crate unit tests, with proptest property tests for crypto operations
  • E2E harness at tests/e2e/: 36 tests (19 CLI + 17 API), ~30s on the mock backend
  • S3 tests gated behind --features s3-tests (requires Docker/Minio)
  • Tests validate semantic correctness (decrypt(encrypt(x)) == x), not byte equality; OpenFHE serialization is non-deterministic. See docs/non-determinism.md.

Documentation

Start with docs/architecture.md for the system overview, then docs/user-guide.md for usage.

Design documents

| Document | Description |
| --- | --- |
| docs/architecture.md | System overview, per-crate ownership |
| docs/hybrid-encryption-architecture.md | KEM-DEM with pluggable PRE backends |
| docs/pre-backend-traits.md | PreBackend trait hierarchy |
| docs/storage-design.md | S3 + auth service architecture |
| docs/wire-protocol.md | Gordian Envelope + ASCII armor formats |
| docs/verification-architecture.md | Blake3/Bao streaming verification |
| docs/threat-model.md | Threat model and security commitments |
| docs/security-tiers.md | Security tier hierarchy |
| docs/non-determinism.md | Crypto testing strategy |
| docs/openfhe-threading-model.md | OpenFHE global-state threading rules |
| docs/http-api-reference.md | HTTP API reference |
| docs/deployment.md | Deployment guide |

Standards (interop specs)

| Document | Description |
| --- | --- |
| docs/standards/recrypt-key-material-v1.md | Key material serialization |
| docs/standards/xchacha20-bao-aead.md | Streaming AEAD construction |
| docs/standards/wallet-envelope-format.md | Encrypted wallet envelope format |
| docs/standards/identity-self-signature.md | Identity self-signature shape |
| docs/standards/dcbor-determinism.md | dCBOR interop contract |
| docs/standards/hashing-standard.md | Blake3 standardization |

Architectural decisions live in docs/decisions/; read them before relitigating long-tail design questions.


Terminology

  • Recryption: transformation of ciphertext from one key to another (not "re-encryption")
  • Recryption key: the key enabling that transformation (not "rekey")
  • Recrypted: data that has undergone recryption

Standardized throughout the codebase.


License

Recrypt is dual-licensed:

  • Noncommercial use: licensed under the PolyForm Noncommercial License 1.0.0. Personal, research, educational, and nonprofit use is free, including running it in production. You are not required to publish your own source code.
  • Commercial use: any use as part of a money-making product, service, or business requires a commercial license from Identikey Inc. See LICENSE-COMMERCIAL.md or contact sales@identikey.io.

If you are not making money with Recrypt, the noncommercial license covers you. If you are, you need a commercial license.

Vendored third-party dependencies under vendor/ (e.g. OpenFHE, liboqs) remain under their own licenses.


About

Recrypt is a post-quantum content-addressed homomorphic recryption cryptosystem written in Rust.
