alee/relicario
1
0
Fork 0
Code Issues Pull Requests 4 Actions Packages Projects Releases Wiki Activity

chore: rename project from idfoto to relicario

Browse Source 
Sweeping rename across crates, CLI binary, WASM bindings, extension, docs,
and vault metadata paths. Git remote updated to relicario.git.

- crates/idfoto-{core,cli,wasm} -> crates/relicario-{core,cli,wasm}
- IdfotoError -> RelicarioError
- IDFOTO_IMAGE env var -> RELICARIO_IMAGE
- ~/.config/idfoto -> ~/.config/relicario
- .idfoto/ vault metadata dir -> .relicario/ (breaking; pre-release)
- Binary name idfoto -> relicario
- Extension wasm module idfoto_wasm -> relicario_wasm
- Storage key idfotoSettings -> relicarioSettings
- All doc filenames and content references updated

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
adlee-was-taken
2026-04-19 16:47:02 -04:00
parent 20ff1d9f47
commit 519a6f0e36
51 changed files with 949 additions and 949 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
README.md
View File

@@ -1,8 +1,8 @@
<p align="center">
<img src="extension/icons/idfoto-logo.svg" alt="idfoto" width="128" height="128">
<img src="extension/icons/relicario-logo.svg" alt="relicario" width="128" height="128">
</p>
# idfoto
# relicario
A git-backed, self-hostable password manager where decryption requires two independent factors: a passphrase you memorize and a reference JPEG that carries a hidden secret. Compromise of either factor alone is insufficient.
@@ -23,7 +23,7 @@ Your reference photo (something you have)
your device (opaque ciphertext)
```
At vault creation, idfoto embeds a random 256-bit secret into a carrier JPEG using DCT steganography. This photo becomes your **reference image** — a second factor that lives on your devices (and optionally as a "dead drop" on social media, since it survives JPEG re-encoding and mild cropping).
At vault creation, relicario embeds a random 256-bit secret into a carrier JPEG using DCT steganography. This photo becomes your **reference image** — a second factor that lives on your devices (and optionally as a "dead drop" on social media, since it survives JPEG re-encoding and mild cropping).
To unlock the vault, you provide your passphrase and point the client at the reference image. The client extracts the hidden secret, concatenates it with your passphrase, and runs Argon2id to derive the master key. Everything else follows from there.
@@ -34,9 +34,9 @@ To unlock the vault, you provide your passphrase and point the client at the ref
A git repository containing:
- `manifest.enc` — opaque binary blob
- `entries/*.enc` — more opaque binary blobs
- `.idfoto/salt` — a random 32-byte value (not secret)
- `.idfoto/params.json` — Argon2id parameters (not secret)
- `.idfoto/devices.json` — authorized device public keys
- `.relicario/salt` — a random 32-byte value (not secret)
- `.relicario/params.json` — Argon2id parameters (not secret)
- `.relicario/devices.json` — authorized device public keys
That's it. No plaintext. No metadata about what's inside. No keys, no passphrases, no reference images.
@@ -58,7 +58,7 @@ No single point of failure. The two-factor design means the passphrase alone can
| LastPass | ~40-60 bits (master password only) | 1 |
| Bitwarden | ~40-60 bits (master password only) | 1 |
| 1Password | password + 128-bit Secret Key | 2 |
| **idfoto** | **password + 256-bit image secret** | **2** |
| **relicario** | **password + 256-bit image secret** | **2** |
### What we don't protect against
@@ -73,31 +73,31 @@ No single point of failure. The two-factor design means the passphrase alone can
cargo build --release
# Create a vault (pick any JPEG as the carrier)
idfoto init --image vacation.jpg --output reference.jpg
relicario init --image vacation.jpg --output reference.jpg
# Add a credential
idfoto add
relicario add
# Retrieve it
idfoto get github
relicario get github
# List everything
idfoto list
relicario list
# Sync with your git remote
idfoto sync
relicario sync
# Generate a random password
idfoto generate -l 32
relicario generate -l 32
```
### Environment variable
Set `IDFOTO_IMAGE=/path/to/reference.jpg` to avoid being prompted for the image path on every command.
Set `RELICARIO_IMAGE=/path/to/reference.jpg` to avoid being prompted for the image path on every command.
## The reference image
The reference JPEG is generated once during `idfoto init`. It looks like a normal photo — because it is one. The 256-bit secret is embedded in the DCT coefficients of the luminance channel using Quantization Index Modulation, with heavy redundancy and Reed-Solomon-style majority voting across multiple copies.
The reference JPEG is generated once during `relicario init`. It looks like a normal photo — because it is one. The 256-bit secret is embedded in the DCT coefficients of the luminance channel using Quantization Index Modulation, with heavy redundancy and Reed-Solomon-style majority voting across multiple copies.
The embedding survives:
- JPEG recompression (tested down to quality 85)
@@ -109,20 +109,20 @@ This means your reference image can live on your Instagram, your personal websit
## Architecture
```
idfoto/
relicario/
├── crates/
│ ├── idfoto-core/ # Platform-agnostic library (no filesystem, no network)
│ ├── relicario-core/ # Platform-agnostic library (no filesystem, no network)
│ │ ├── crypto.rs # Argon2id KDF + XChaCha20-Poly1305 AEAD
│ │ ├── imgsecret.rs # DCT steganography: embed/extract 256-bit secrets in JPEGs
│ │ ├── entry.rs # Entry, Manifest data model (serde)
│ │ └── vault.rs # Encrypt/decrypt entries and manifests
│ └── idfoto-cli/ # CLI binary: filesystem, git, terminal I/O
│ └── relicario-cli/ # CLI binary: filesystem, git, terminal I/O
└── docs/
└── superpowers/
└── specs/ # Design specification with full threat model
```
`idfoto-core` takes bytes and returns bytes. It has no knowledge of filesystems, git, or networks. This makes it portable to WASM (browser extension), Android (JNI), and iOS (Swift bridge).
`relicario-core` takes bytes and returns bytes. It has no knowledge of filesystems, git, or networks. This makes it portable to WASM (browser extension), Android (JNI), and iOS (Swift bridge).
### Crypto primitives
@@ -148,7 +148,7 @@ my-vault.git/
├── entries/
│ ├── a1b2c3d4.enc # One encrypted entry per file
│ └── e5f6a7b8.enc
└── .idfoto/
└── .relicario/
├── salt # 32-byte random salt (not secret)
├── params.json # KDF parameters
└── devices.json # Authorized device public keys
@@ -158,14 +158,14 @@ Entry IDs are random hex strings. Git history is preserved — every add/edit/de
## Device management
Each device generates its own ed25519 keypair. The public key is stored in `.idfoto/devices.json` (committed to the repo). Device keys are used for commit signing — they do NOT participate in vault decryption.
Each device generates its own ed25519 keypair. The public key is stored in `.relicario/devices.json` (committed to the repo). Device keys are used for commit signing — they do NOT participate in vault decryption.
Revoking a device: remove its key from `devices.json` and commit. No passphrase or reference image rotation needed.
```bash
idfoto device add --name laptop
idfoto device list
idfoto device revoke laptop
relicario device add --name laptop
relicario device list
relicario device revoke laptop
```
## Building
@@ -173,20 +173,20 @@ idfoto device revoke laptop
Requires Rust stable (1.70+).
```bash
git clone ssh://git@git.adlee.work:2222/alee/idfoto.git
cd idfoto
git clone ssh://git@git.adlee.work:2222/alee/relicario.git
cd relicario
cargo build --release
cargo test
```
The binary is at `target/release/idfoto`.
The binary is at `target/release/relicario`.
## Roadmap
- [ ] WASM build + Chrome browser extension (inline crypto, no native messaging)
- [ ] Secure notes (free-form encrypted text entries)
- [ ] Secure document storage (encrypted file attachments up to 5-10 MB)
- [ ] `idfoto unlock` daemon (ssh-agent-style, holds master key for a TTL)
- [ ] `relicario unlock` daemon (ssh-agent-style, holds master key for a TTL)
- [ ] Android/iOS clients (Rust core compiles to ARM)
- [ ] Import from LastPass/Bitwarden/1Password
- [ ] Firefox/Safari extensions