Zegel is an open-source tamper-proof file format (v1.2). Extension: .zgl. MIME: application/x-zgl. Files sealed in Zegel format become physically unreadable if modified.
- lib/ - Dart package: core Zegel format library (reader, writer, Merkle tree, key derivation, Shamir SSS, canary traps, attestation, audit trail, selective disclosure)
- cli/ - Dart CLI application using the lib/ package
- app/ - Flutter GUI application for all platforms (Windows, macOS, Linux, Android, iOS)
- test_vectors/ - Language-agnostic test files for cross-implementation verification
- FORMAT_SPEC.md is the source of truth. Never deviate from the spec. If you think the spec is wrong, update the spec first, then update code.
- Cross-platform compatibility is non-negotiable. A .zgl file created on any platform must be verifiable on every other platform. Byte order, encoding, padding must match exactly.
- Test vectors are sacred. Every implementation must pass the test vectors. After ANY change, run
dart testin lib/, cli/, and app/. - Security is the whole point. Never:
- Log or print master keys, derived keys, or plaintext content to stdout/stderr in production
- Use Math.random() or similar weak RNG (always use cryptographically secure random)
- Skip constant-time comparison for hashes/HMACs
- Reuse IVs/nonces
- Store split-key shares together
- Log canary recipient IDs in production
- The format name is "Zegel", the extension is ".zgl", the MIME is "application/x-zgl".
| Flag | Mask | Description |
|---|---|---|
| HAS_METADATA | 0x0001 | Encrypted metadata block |
| COMPRESSED | 0x0002 | zlib-compressed blocks |
| PASSWORD_DERIVED | 0x0004 | Argon2id key derivation |
| HAS_KEY_COMMITMENT | 0x0008 | Key commitment value |
| HAS_EXPIRATION | 0x0010 | Cryptographic expiration |
| HAS_PUBLIC_METADATA | 0x0020 | Unencrypted metadata |
| MULTI_FILE | 0x0040 | Multi-file container |
| HAS_CANARY | 0x0080 | Canary trap fingerprinting |
| HAS_REDACTIONS | 0x0100 | Partially redacted blocks |
| SPLIT_KEY | 0x0200 | Shamir's Secret Sharing |
| SELECTIVE_DISCLOSURE | 0x0400 | Selective disclosure index |
| VERSIONED | 0x0800 | Version chain hash |
| Value | Name | Description |
|---|---|---|
| 0x01 | CONTENT | File content chunk |
| 0x02 | METADATA | Encrypted JSON metadata |
| 0x03 | PUBLIC_METADATA | Unencrypted metadata |
| 0x04 | FILE_HEADER | Multi-file sub-file header |
| 0x05 | PROVENANCE | Chain of custody event |
| 0x06 | REDACTED | Permanently redacted block |
| 0x07 | ATTESTATION | Co-signature attestation |
| 0x08 | REFERENCE | Cross-file reference |
| 0x09 | AUDIT | Audit trail entry |
| 0x0A | DISCLOSURE_INDEX | Selective disclosure index |
Build in this order:
- lib/ (core Dart library) - with 100% test coverage
- test_vectors/ - generated from lib/, verified against PHP reference
- cli/ - thin wrapper around lib/
- app/ - Flutter GUI for all platforms
zegel seal <input-file> -k <key-file-or-hex> -o <output.zgl> [--metadata key=value...] [--compress] [--password] [--expires YYYY-MM-DD]
zegel verify <file.zgl> -k <key-file-or-hex>
zegel extract <file.zgl> -k <key-file-or-hex> -o <output-file>
zegel inspect <file.zgl>
zegel keygen [-o <key-file>]
zegel redact <file.zgl> -k <key-file-or-hex> --blocks 1,3,5 -o <redacted.zgl>
zegel split-key -k <key-file-or-hex> --threshold 3 --shares 5 -o <share-dir/>
zegel reconstruct <share1> <share2> <share3> -o <key-file>
zegel attest <file.zgl> --signer-key <key> --statement "Reviewed and approved"
zegel disclose <file.zgl> -k <key-file-or-hex> --blocks 0,2 -o <token.json>
zegel extract-with-token <file.zgl> --token <token.json> -o <output-file>
Key formats accepted:
- Hex string:
--key 0a1b2c3d...(64 hex chars = 32 bytes) - Key file:
--key-file path/to/keyfile(raw 32 bytes or base64) - Interactive prompt: if no key flag, ask securely
- lib/: Unit tests for every public method. Property-based tests for roundtrip (create -> verify -> extract). Tamper detection tests (flip bits at every position). Split-key reconstruction tests with various M/N combinations. Canary identification tests. Redaction integrity tests. Audit trail chain hash tests.
- cli/: Integration tests for every command.
- app/: Widget tests for key screens. Integration test for seal -> verify flow.
- cross-platform: Generate .zgl files in Dart, verify against PHP reference output.
GitHub Actions workflows:
test.yml- Run all tests on push/PRbuild.yml- Build all platform binaries on release tagsrelease.yml- Create GitHub release with binaries and checksums