Encryption Architecture
localWiki uses layered cryptography to protect secrets and credentials at rest and all data in transit during P2P sync.
Key Derivation — Argon2id
When you create your vault, you set a master password. localWiki derives your encryption key from this password with Argon2id, the winner of the Password Hashing Competition. Argon2id is the hybrid mode of Argon2: it keeps the memory-hard, data-dependent access pattern of Argon2d (expensive to attack on GPUs and ASICs) while using the data-independent first pass of Argon2i (resistant to cache-timing side channels).

master password ──► Argon2id(salt, memory=19 MiB, iterations=2, lanes=1) ──► 256-bit key

These are the OWASP-recommended minimum parameters for Argon2id (m=19456 KiB, t=2, p=1). The salt is random and not secret, but it must be stored with the vault so that the same key can be re-derived on unlock. The derived key never leaves memory: it is never written to disk and is wiped when you lock the vault.
What Is Encrypted at Rest
The secrets vault — project keys, API tokens, database URLs, and other credentials — is encrypted with AES-256-GCM using envelope encryption:
- Each secret value is encrypted with a per-record data encryption key (DEK)
- Each DEK is itself encrypted with the master key derived from your password
- Secret notes are encrypted separately, each with its own nonce (AES-GCM requires that a nonce is never reused under the same key, so every encryption draws a fresh one)
This means secret values, DEKs, and notes are stored as ciphertext in the database and are unreadable without unlocking the vault.
What Is Stored as Plaintext
Wiki page content is stored as plaintext in a local SQLite database. Specifically, the following are not encrypted at rest:
- Workspace names, icons, and colors
- Page titles and Yjs collaborative editing state
- Full-text search (FTS) index content
- Version history snapshots (plaintext column)
The SQLite database file is protected by operating system file permissions (mode 0700 on Unix), but the data inside is not encrypted. Any process running as your user (or as root), including ordinary file-search and grep tools, can read page content, titles, and the FTS index directly from the database file.
Only the secrets vault is encrypted at rest. Wiki pages, titles, and search indexes are stored as plaintext in SQLite. Protect your device with full-disk encryption if you need page content to be encrypted on disk.
Encryption in Transit — E2EE
When syncing with peers, every Yjs delta is encrypted with the shared workspace key before leaving your machine. Neither LAN peers (before authentication) nor the WAN relay can read the data in transit, and the GCM authentication tag means a modified delta is rejected rather than applied.

plaintext delta ──► AES-256-GCM encrypt ──► network ──► peer decrypts

There is no cloud storage. localWiki does not upload your data anywhere. Encryption in transit refers exclusively to P2P sync between your authorized devices. Note that E2EE protects the content of each delta, not its metadata: a relay still sees blob sizes, timing, and which peers are talking to each other.
Threat Model Summary
| Threat | Protection |
|---|---|
| Stolen device — secrets | AES-256-GCM encrypted vault, locked on idle |
| Stolen device — wiki pages | OS file permissions; consider full-disk encryption |
| Network eavesdropping | E2EE for all sync traffic |
| Compromised relay | Relay only sees encrypted blobs |
| Brute-force password attack | Argon2id memory-hard KDF (OWASP minimum: 19 MiB / 2 iterations / 1 lane) |