Core Security Philosophy
Standard cloud services encrypt your data on their servers and retain the keys. If their database is leaked or their employees go rogue, your passwords and files are compromised.
Eternal Sentinel is built differently. We operate under a strict **Zero-Knowledge Architecture**:
Client-Side Encryption Only
Encryption and decryption are performed entirely within your browser's execution context using the high-performance Web Crypto API. Opaque ciphertext is the only thing transmitted over the wire.
Zero Password Storage
We never store, transmit, or witness your master password. There is no fallback database table holding plain or hashed versions of your master password.
Mathematical Trust
You do not need to trust our team, our servers, or our database. The system is designed such that your data is mathematically unreadable without your out-of-band master password.
Cryptographic Specifications
Sentinel utilizes standard, audited, state-of-the-art cryptographic primitives. Here is a technical breakdown of our cryptographic pipeline:
1. Key Derivation (PBKDF2-SHA256)
Your local master password is run through the **PBKDF2 (Password-Based Key Derivation Function 2)** algorithm to derive a strong 256-bit symmetric encryption key:
- **Hashing Algorithm**: SHA-256
- **Iteration Count**: 100,000 rounds
- **Salt**: A cryptographically random 256-bit salt generated client-side at creation
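This key stretching makes every password guess computationally expensive, which slows down brute-force and dictionary attacks against the derived key. How much protection it provides still depends on the strength of your master password.
2. Symmetric Encryption (AES-256-GCM)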
All vault files, credentials, and letters are locked using **AES-256-GCM (Advanced Encryption Standard in Galois/Counter Mode)**:
- **Key Size**: 256 bits
- **Initialization Vector (IV)**: A unique, non-repeating 96-bit nonce generated on every single encryption pass.
- **Integrity Verification**: GCM produces a 128-bit authentication tag, guaranteeing that no server-side tampering or bit-flipping can go unnoticed.
3. Key Envelope Architecture
To support changing your password without requiring you to re-encrypt every single document or secret in your vault, Sentinel uses **Envelope Encryption**:
If you ever change your master password, your browser decrypts the **Master Key** using your old key, derives a new key from your new password, and re-encrypts the master key. Your actual secrets remain untouched, ensuring instant password changes.
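The pipeline described above (PBKDF2-SHA256 key derivation, AES-256-GCM, and the password-change re-wrap), shown as an added example that is not Sentinel's own code. The function names, the `{ salt, iv, ct }` record layout, and the choice to generate a fresh salt on every password change are assumptions made for illustration.

```javascript
// Added example: envelope encryption with Web Crypto. Function names and the
// record layout { salt, iv, ct } are assumptions, not Sentinel's actual format.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto; // fallback for older Node
const enc = new TextEncoder();

// PBKDF2-SHA256, 100,000 rounds -> non-extractable AES-256-GCM key-encryption key.
async function deriveKek(password, salt) {
  const base = await wc.subtle.importKey("raw", enc.encode(password), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: 100000 },
    base, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// AES-256-GCM with a fresh 96-bit IV per call; the 128-bit tag is appended to ct.
async function seal(key, bytes) {
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = new Uint8Array(await wc.subtle.encrypt({ name: "AES-GCM", iv, tagLength: 128 }, key, bytes));
  return { iv, ct };
}
async function unseal(key, { iv, ct }) {
  return new Uint8Array(await wc.subtle.decrypt({ name: "AES-GCM", iv, tagLength: 128 }, key, ct));
}

// Wrap raw master-key bytes under a KEK derived from the password and a new 256-bit salt.
async function wrapMasterKey(password, masterKeyBytes) {
  const salt = wc.getRandomValues(new Uint8Array(32));
  return { salt, ...(await seal(await deriveKek(password, salt), masterKeyBytes)) };
}
async function unwrapMasterKey(password, env) {
  return unseal(await deriveKek(password, env.salt), env); // rejects on wrong password or tampering
}
const importMasterKey = (raw) =>
  wc.subtle.importKey("raw", raw, "AES-GCM", false, ["encrypt", "decrypt"]);

// Password change: only the envelope is rewritten; item ciphertexts are never touched.
async function changePassword(oldPw, newPw, env) {
  return wrapMasterKey(newPw, await unwrapMasterKey(oldPw, env));
}

async function demo() {
  const raw = wc.getRandomValues(new Uint8Array(32)); // random 256-bit master key
  let env = await wrapMasterKey("old passphrase (constructed)", raw);
  const item = await seal(await importMasterKey(raw), enc.encode("vault secret (constructed)"));
  env = await changePassword("old passphrase (constructed)", "new passphrase (constructed)", env);
  const mk = await importMasterKey(await unwrapMasterKey("new passphrase (constructed)", env));
  const plain = new TextDecoder().decode(await unseal(mk, item));
  const oldRejected = await unwrapMasterKey("old passphrase (constructed)", env).then(() => false, () => true);
  return { plain, oldRejected };
}
```

The item sealed before the password change decrypts afterwards without being re-encrypted, and the old password no longer opens the envelope because the GCM tag check fails under the wrong key.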
What happens if onceimgone.com goes out of business?
Because we do not lock you in or keep your master key, you are never at risk of losing access to your data.
We pledge the following institutional business safeguards:
- **90-Day Wind-down Notice**: If we ever decide to cease operations, we will notify all users at least 90 days in advance, during which you can download and export all your vault items in plaintext.
- **Open Source Decryption Tool**: In the event of a sudden shutdown, we will open-source a simple, self-contained offline HTML/JS decryption utility. By downloading your encrypted vault database and entering your master password locally, you can decrypt your data entirely offline without our servers.
Your trust is our greatest asset. If you have any questions or feedback about our security audits or math proofs, please reach out.