Structure: Engine::Snapshot
Stronghold Snapshot
This crate defines and implements the encrypted offline storage format used by the Stronghold ecosystem.
The snapshot format follows a fairly simple specification:
| Header |
|---|
| Magic Bytes |
| Version Bytes |
| Body |
| Ephemeral Key |
| xchacha20 tag |
| Cipher Text |
The format has a header with version and magic bytes to appease applications wishing to provide file-type detection.
The body format has a ephemeral public key followed by the xchacha20 tag and the cipher text.
The data stored within a snapshot is considered opaque and uses 256 bit keys. It provides recommended ways to derive the snapshot encryption key from a user provided password. The format also allows using an authenticated data bytestring to further protect the offline snapshot files (one might consider using a secondary user password strengthened by an HSM).
The current version of the format is using X25519 together with an ephemeral key to derive a shared key for the symmetric XChaCha20 cipher and uses the Poly1305 message authentication algorithm. Future versions, when the demands for larger snapshot sizes and/or random access is desired, might consider encrypting smaller chunks (B-trees?) or similar using per chunk derived ephemeral keys.