vault1984/CLAUDE.md

vault1984

Zero-knowledge password manager. Infrastructure is the moat. FIPS 140-3, BoringCrypto, built for trust.

Ground Rules

Johan is the architect. You are the collaborator. Same principles as inou:

  1. Discussion first. Default is conversation. No code until asked ("do it", "implement it").
  2. Minimal diffs. Change only what's requested. No drive-by cleanups.
  3. Less code, better architecture. If something needs a lot of code, the design is probably wrong.
  4. Ask, don't assume. Ambiguous request → ask. Don't pick an interpretation and run.
  5. No unsolicited files. No new docs, tests, or helpers unless explicitly asked.
  6. Mention concerns once, then execute. Johan has reasons. Respect them.

Architecture

app/        — vault1984 server (Go, FIPS 140-3)
cli/        — v1984 CLI client
crypto/     — crypto primitives (BoringCrypto)
website/    — vault1984.com marketing site
docs/       — design documentation

Build: Always use GOEXPERIMENT=boringcrypto (set in Makefile). Required for FIPS 140-3. Caveat: the experiment only takes effect on linux/amd64 and linux/arm64 with cgo enabled; on any other target (or with CGO_ENABLED=0) the build succeeds but silently falls back to the pure-Go crypto. Verify a binary before shipping with `go tool nm <binary> | grep _Cfunc__goboringcrypto_` or at startup via crypto/boring.Enabled().

make deploy       # build + test + restart everything
make deploy-app   # app only
make deploy-web   # website only
make status       # check what's running

Environments

| Environment   | Host                                | Purpose                            |
|---------------|-------------------------------------|------------------------------------|
| HQ / NOC      | noc.vault1984.com (185.218.204.47)  | Hans runs this; it is Hans' domain |
| Forge (local) | 192.168.1.16                        | Development                        |

SSH: ssh root@185.218.204.47 (HQ, Hans); ssh johan@192.168.1.16 (forge)

Security Non-Negotiables

  • FIPS 140-3 via GOEXPERIMENT=boringcrypto — never build without it
  • Zero-knowledge — server never sees plaintext credentials
  • WebAuthn L2 — hardware key support (in progress)
  • No logging of credential content, ever

Current Status (Mar 2026)

  • Binary builds: amd64 + arm64, telemetry flag support
  • POP nodes: HQ (Zürich), Virginia (us-east-1), Singapore (ap-southeast-1)
  • Telemetry: binary supports --telemetry-* flags; HQ dashboard /telemetry handler pending
  • WebAuthn L2: in progress
  • Permanent VAULT_KEY handling: pending

Data Access Architecture

All DB operations go through named functions in app/lib/dbcore.go. No direct SQL outside dbcore.go.

Choke points:

  • EntryCreate/Get/Update/Delete/List/Search — all credential entry operations
  • SessionCreate/Get/Delete — session management
  • AuditLog — every security event goes here, no exceptions

FORBIDDEN outside dbcore.go:

  • db.QueryRow(), db.Exec(), db.Query() — direct SQL is a violation (one exception: telemetry.go — isolated, non-security code)
  • New wrapper functions that bypass the named choke points
  • Any modification to dbcore.go without Johan's explicit approval
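The rule above is only as strong as its enforcement, so here is an added example (not part of vault1984, and the file and method names are assumptions based on this page) of a small go/ast checker that fails a build when `Query`, `QueryRow`, `Exec` or their `*Context` variants are called in any file other than `dbcore.go` or `telemetry.go`. It is purely syntactic, so it flags every receiver rather than only `*sql.DB`; that is deliberate, since a false positive costs a glance and a miss costs a policy breach.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// forbidden lists the database/sql methods that may only be called inside the choke points.
var forbidden = map[string]bool{
	"Query": true, "QueryRow": true, "Exec": true,
	"QueryContext": true, "QueryRowContext": true, "ExecContext": true,
}

// exempt mirrors the CLAUDE.md exceptions: dbcore.go owns SQL, telemetry.go is isolated.
// (Assumption: file names taken from this page, not verified against the repo.)
var exempt = map[string]bool{"dbcore.go": true, "telemetry.go": true}

// Violation is one direct SQL call found outside the exempt files.
type Violation struct {
	File string
	Line int
	Call string // receiver.Method as written in the source
}

func (v Violation) String() string {
	return fmt.Sprintf("%s:%d: direct SQL call %s bypasses dbcore.go", v.File, v.Line, v.Call)
}

// CheckSource parses one file's source text and returns every forbidden call in it.
func CheckSource(filename, src string) ([]Violation, error) {
	if exempt[filepath.Base(filename)] {
		return nil, nil
	}
	fset := token.NewFileSet()
	file, err := parser.ParseFile(fset, filename, src, 0)
	if err != nil {
		return nil, err
	}
	var found []Violation
	ast.Inspect(file, func(n ast.Node) bool {
		call, ok := n.(*ast.CallExpr)
		if !ok {
			return true
		}
		sel, ok := call.Fun.(*ast.SelectorExpr)
		if !ok || !forbidden[sel.Sel.Name] {
			return true // not a method call, or not one we police
		}
		recv := "<expr>"
		if id, ok := sel.X.(*ast.Ident); ok {
			recv = id.Name
		}
		found = append(found, Violation{
			File: filename,
			Line: fset.Position(call.Pos()).Line,
			Call: recv + "." + sel.Sel.Name,
		})
		return true
	})
	return found, nil
}

// CheckDir walks a source tree and aggregates violations from every non-test .go file.
func CheckDir(root string) ([]Violation, error) {
	var all []Violation
	err := filepath.WalkDir(root, func(path string, d fs.DirEntry, err error) error {
		if err != nil {
			return err
		}
		if d.IsDir() || !strings.HasSuffix(path, ".go") || strings.HasSuffix(path, "_test.go") {
			return nil
		}
		src, err := os.ReadFile(path)
		if err != nil {
			return err
		}
		v, err := CheckSource(path, string(src))
		if err != nil {
			return err
		}
		all = append(all, v...)
		return nil
	})
	return all, err
}

// sample is a constructed offending file used when no directory is given.
const sample = `package lib

func find(id string) error {
	var n int
	return db.QueryRow("SELECT 1 FROM entries WHERE id = $1", id).Scan(&n)
}
`

func main() {
	var violations []Violation
	var err error
	if len(os.Args) > 1 {
		violations, err = CheckDir(os.Args[1]) // e.g. go run . ./app
	} else {
		violations, err = CheckSource("app/lib/handlers.go", sample)
	}
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(2)
	}
	for _, v := range violations {
		fmt.Println(v)
	}
	if len(violations) > 0 {
		os.Exit(1)
	}
}
```

Wire it into `make deploy-app` before the build step so a bypass never reaches the binary; if the false-positive rate on non-SQL `Exec` methods ever matters, the receiver check can be tightened with go/types.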

Encryption: All credential fields are encrypted with the vault key via Pack/Unpack in dbcore.go. This is the ONLY encryption path. Never encrypt/decrypt fields outside of it.

Key Files

  • L2_AGENT_ENCRYPTION.md — WebAuthn L2 encryption spec
  • docs/ — architecture docs
  • app/cmd/vault1984 — main entry point