DEEPVAULT - DOCUMENTATION

WHAT IS IT?

DeepVault allows you to store data in the browser with AES encryption.

MOTIVATION

Storing data in the browser is very convenient, but not secure. Thanks to DeepVault, you can now directly encrypt sensitive data (geolocation, email, etc.), in your browser and access it with a cryptographic key as if you were using good old local storage.

SECURITY

By nature, DeepVault is not completely secure since it only provide security through obfuscation. But albeit it won't stop a determined hacker, it will mitigate the vast majority of automated attacks. Please weight up the pros and cons and design your app carefully.

You can learn more about Advanced Encryption Standard and Galois Counter Mode here:

• https://en.wikipedia.org/wiki/Galois/Counter_Mode
• https://fr.wikipedia.org/wiki/Advanced_Encryption_Standard

features:

• Save, read, update and delete encrypted data in the browser.
• Supports Typescript.
• No dependencies.
• Extra-light package.

HOW DOES IT WORK?

Vaults file

• Create a vaults.js file (the name and the extension doesn't matter).
• Create as many instances of DeepVault as you want and export them.
• Each instance is dedicated to a single dataset.

import DeepVault from "deepvault";

export const userVault = new DeepVault("user");
export const cashVault = new DeepVault("cash");

Save data

import { userVault } from "./vaults";
 
   const onLogin = async (form) => {  
     try {
        const user = await login(form)
        await userVault.encryptAndSaveData(user)    
        return saveUserInGlobalState(user)
      }
     catch(err){
        throw new Error(err)
     }

Read data

import { userVault } from "./vaults";
 
   const getUser = async () => {  
     try {
        const user = await userVault.getDecryptedData()
        if (user) return saveUserInGlobalState(user)
        return null
      }
     catch(err){
        throw new Error(err)
     }

Update data

import { userVault } from "./vaults";
 
   const updateUser = async (user) => {  
     try {
        await userVault.updateData(user)  
        return saveUserInGlobalState(user)
      }
     catch(err){
        throw new Error(err)
     }

Delete data

import { userVault } from "./vaults";
 
   const logout = async () => {  
     try {
        await userVault.deleteData()  
        return clearGlobalState()
      }
     catch(err){
        throw new Error(err)
     }

The dummy functions saveUserInGlobalState() and clearGlobalState() are not part of DeepVault. You should implement them yourself. If you use React, Redux or Zustand will work fine.

Methods

DeepVault offers you 6 methods:

	Type	Role
decryptData	(data: string) => Promise<any>	Decrypt data.
deleteData	() => void	Delete data.
encryptAndSaveData	(data: any) => void	Encrypt and save data
getEncryptedData	() => string	Get data without decrypting it. Useful to check the existence of an item without any need to access its information.
getDecryptedData	() => Promise<any>	Get decrypted data.
updateData	(data: any) => Promise<string>	Update an item already encrypted and saved. This method will replace the former data with the new one.

CONTRIBUTING

Feel free to send your pull requests or to raise issues on the github repository.

CREDITS

DoneDeal0

Logo made by throwaway icons from the Noun Project