A shared Rust library providing the encrypted secret persistence layer for the Iceberg Protocol ecosystem. Consumed as a Cargo git dependency by all Iceberg Protocol apps.
The architecture and critical logic of this project are the results of human-led AI-assisted engineering. This unique workflow ensures industrial-grade reliability and accelerated deployment.
Provides the Store trait and its implementations for saving/loading encrypted secrets, plus WebAuthn passkey integration for PRF-derived AES-GCM encryption.
| Trait | Implementation | Purpose |
|---|---|---|
Store |
IndexedDbStore, LocalStorageStore |
Secret persistence (save/load) |
StoreI18n |
Per-language structs | Error message localization |
src/store/mod.rs—Storetrait: save(), load()src/store/indexed_db.rs—IndexedDbStore: IndexedDB (Rexie) with AES-GCM encryptionsrc/store/local_storage.rs—LocalStorageStore: browser localStorage (unencrypted fallback)src/store/passkey.rs— WebAuthn passkey: register, init, verify, encrypt, decryptsrc/store/i18n/—StoreI18nimplementations
| Bridge | JS file | Rust module |
|---|---|---|
__passkey_bridge |
passkey_bridge.js |
store::passkey |
- PRF keys obtained via WebAuthn passkey authentication
- AES-GCM encryption with passkey-derived keys
- Secret keys wrapped in
Zeroizing<String> - IndexedDB entries namespaced:
zsozso:{account}
Sibling libraries: db, ledger, zsozso-common