Interface: Envelope
Defined in: core/src/schema/crypto.ts:19
End-to-end encryption primitives for plasma columns marked as
.encrypted(). The server sees only opaque envelopes and cannot
recover the plaintext.
v0.1 posture:
- AES-GCM-256 with a per-record random 96-bit nonce.
- Data key derived from a caller-supplied DEK via HKDF-SHA256.
- AAD binds the envelope to its (table, rowId, column, keyId) so a server can’t move a ciphertext across rows or columns without breaking the auth tag.
- Key management is the caller’s problem — pass a DEK, we don’t persist it. Key rotation strategy is documented in ROADMAP.md.
The wire format is a small JSON object so it fits inside the existing
change_log’s value payload without protocol changes.
Properties
readonly v: 1
Defined in: core/src/schema/crypto.ts:20
readonly alg: "AES-GCM-256"
Defined in: core/src/schema/crypto.ts:21
readonly keyId: string
Defined in: core/src/schema/crypto.ts:22
readonly nonce: string
Defined in: core/src/schema/crypto.ts:24
Base64 12-byte nonce.
readonly ct: string
Defined in: core/src/schema/crypto.ts:26
Base64 ciphertext + auth tag.
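An added example, not the code in core/src/schema/crypto.ts: one way to seal and open an envelope with the v0.1 posture described above, using Node's node:crypto. The HKDF salt and info label, the JSON-array AAD encoding, and the names CellRef, deriveKey, aadFor, sealCell and openCell are assumptions; the page does not specify them.

```typescript
import { createCipheriv, createDecipheriv, hkdfSync, randomBytes } from "node:crypto";

// Envelope shape as documented on this page.
interface Envelope {
  readonly v: 1;
  readonly alg: "AES-GCM-256";
  readonly keyId: string;
  readonly nonce: string; // Base64 12-byte nonce
  readonly ct: string;    // Base64 ciphertext + auth tag
}

// Hypothetical cell location; the page names these four AAD fields but not their encoding.
interface CellRef { table: string; rowId: string; column: string; keyId: string }

// Assumption: HKDF-SHA256 with an empty salt and a fixed, made-up info label.
function deriveKey(dek: Uint8Array): Buffer {
  return Buffer.from(hkdfSync("sha256", dek, new Uint8Array(0), "example-envelope-v1", 32));
}

// Assumption: AAD is the JSON array of the four fields. A delimited encoding is
// unambiguous; plain concatenation would let ("ab","c") collide with ("a","bc").
function aadFor(ref: CellRef): Buffer {
  return Buffer.from(JSON.stringify([ref.table, ref.rowId, ref.column, ref.keyId]), "utf8");
}

function sealCell(dek: Uint8Array, ref: CellRef, plaintext: string): Envelope {
  const nonce = randomBytes(12); // fresh random 96-bit nonce for every record
  const cipher = createCipheriv("aes-256-gcm", deriveKey(dek), nonce);
  cipher.setAAD(aadFor(ref));
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const ct = Buffer.concat([body, cipher.getAuthTag()]); // 16-byte tag appended to ciphertext
  return { v: 1, alg: "AES-GCM-256", keyId: ref.keyId, nonce: nonce.toString("base64"), ct: ct.toString("base64") };
}

function openCell(dek: Uint8Array, ref: CellRef, env: Envelope): string {
  if (env.v !== 1 || env.alg !== "AES-GCM-256" || env.keyId !== ref.keyId) throw new Error("unsupported envelope");
  const nonce = Buffer.from(env.nonce, "base64");
  const raw = Buffer.from(env.ct, "base64");
  if (nonce.length !== 12 || raw.length < 16) throw new Error("malformed envelope");
  const decipher = createDecipheriv("aes-256-gcm", deriveKey(dek), nonce);
  decipher.setAAD(aadFor(ref)); // AAD comes from where the envelope was found, not from the envelope
  decipher.setAuthTag(raw.subarray(raw.length - 16));
  // final() throws if the tag does not verify, e.g. the envelope was moved to another row or column.
  return Buffer.concat([decipher.update(raw.subarray(0, raw.length - 16)), decipher.final()]).toString("utf8");
}
```

The reader rebuilds the AAD from the location it fetched the envelope from, so an envelope copied to a different row or column fails tag verification instead of decrypting.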