MDBX Security Specification

Version: MDBX-1-DRAFT

Defines Tiga modes, cryptographic baseline, key hierarchy, and memory-handling requirements.

1. Security goals

MDBX must defend against:

  • offline file theft
  • untrusted cloud storage
  • ciphertext tampering
  • long-lived plaintext exposure
  • weak default KDF settings

2. Cryptographic baseline

  • KDF: Argon2id
  • AEAD: XChaCha20-Poly1305 or AES-256-GCM
  • Key derivation: HKDF-SHA-256
  • Hash: SHA-256
  • identifier/file-name MAC: HMAC-SHA-256

3. Tiga modes

MDBX MUST expose three user-selectable security tiers:

  • Power Type (maximum protection)
  • Multi Type (balanced default)
  • Sky Type (faster/lighter)

Overrides should be supported at global, project, and entry scope, with the narrower scope taking precedence.

4. Key hierarchy

Recommended layered model:

  • user factor -> unlock key (Argon2id)
  • unlock key -> vault key (HKDF)
  • vault key -> subkeys for metadata, records, attachments, history

5. Record authentication

The implementation must authenticate vault header metadata, project/entry records, attachment metadata and content, history, and snapshots. Ciphertext moved into a different context (another vault, project, entry, or record type) must fail authentication.
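The following is an added illustration of sections 4 and 5, not code from the MDBX project: it derives the vault key and per-purpose subkeys with HKDF-SHA-256, then binds each record to its context (record type, project, entry) as AES-256-GCM associated data so that ciphertext moved to another entry fails to open. The Argon2id step from user factor to unlock key is assumed to have run already, and the "mdbx/..." info labels and the context layout are assumptions, not the spec's own.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// hkdfSHA256: HKDF-Extract plus one HKDF-Expand block (RFC 5869); enough for 32-byte keys.
func hkdfSHA256(ikm, salt []byte, info string) []byte {
	prk := hmac.New(sha256.New, salt)
	prk.Write(ikm)
	okm := hmac.New(sha256.New, prk.Sum(nil))
	okm.Write(append([]byte(info), 0x01)) // T(1) = HMAC(PRK, info || 0x01)
	return okm.Sum(nil)
}
// DeriveVaultKeys is the section 4 layering: unlock key -> vault key -> per-purpose subkeys.
// unlockKey is assumed to be the Argon2id output (that step is not shown); labels are assumed.
func DeriveVaultKeys(unlockKey, vaultSalt []byte) map[string][]byte {
	vk := hkdfSHA256(unlockKey, vaultSalt, "mdbx/vault-key")
	keys := map[string][]byte{}
	for _, p := range []string{"metadata", "records", "attachments", "history"} {
		keys[p] = hkdfSHA256(vk, vaultSalt, "mdbx/"+p)
	}
	return keys
}
// NewAEAD wraps a 32-byte subkey in AES-256-GCM, one of the spec's baseline AEADs.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Seal binds the ciphertext to ctx (record type / project / entry) as associated data. Output: nonce || ct || tag.
func Seal(aead cipher.AEAD, ctx, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, ctx), nil
}
// Open fails on a wrong subkey, a wrong context, a truncated blob, or any tampering with nonce, ciphertext or tag.
func Open(aead cipher.AEAD, ctx, sealed []byte) ([]byte, error) {
	if n := aead.NonceSize(); len(sealed) >= n {
		return aead.Open(nil, sealed[:n], sealed[n:], ctx)
	}
	return nil, errors.New("sealed blob truncated")
}
```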

6. Memory-safety guidance

  • minimize plaintext residency time
  • clear sensitive buffers where feasible
  • avoid logging secrets
  • stream large attachments

7. Unlock factors

Support user-visible unlock factors such as a PIN, password, security key, or biometric wrapper while keeping the strong underlying vault-key model. Password handling should apply Unicode normalization consistently, so that the same password always yields the same key material.

8. Rejection rules

An implementation is non-compliant if it lacks authenticated encryption, lacks an attachment integrity model, does not require explicit confirmation before a weaker mode is selected, or treats a biometric wrapper as the sole secret.
