Sovereign, offline-first, post-quantum encrypted digital vault.
Verrou is a desktop application that securely stores your most sensitive digital secrets — 2FA codes (TOTP/HOTP), seed phrases (BIP39), recovery codes, credentials, and secure notes. It never connects to the internet; all data stays on your device, protected by a quantum-resistant, defense-in-depth design (see Security Model below).
.verrou format exportverrou-crypto-core ──> verrou-vault ──> src-tauri ──> SolidJS frontend
(cryptographic primitives) (business logic) (Tauri IPC shell) (WebView UI)
| Crate | Role | Network deps |
|---|---|---|
verrou-crypto-core |
Pure crypto: KEM, KDF, AEAD, BLAKE3, TOTP, BIP39, slots, signatures | None |
verrou-vault |
Vault lifecycle, entries, folders, attachments, import/export, SQLCipher | None |
src-tauri |
Tauri 2.0 commands, platform integration, clipboard, tray, biometric | Tauri only |
The frontend uses SolidJS with Kobalte primitives, CSS Modules, and the @solid-primitives/i18n i18n system.
.verrou backups are key-wrapped with a hybrid X25519 + ML-KEM-1024 KEM and signed with hybrid Ed25519 + ML-DSA-65; import verifies the signature fail-closed before decrypting. Data at rest is symmetric (already quantum-resistant), so no public key guards itverrou-crypto-core or verrou-vault dependency treesmlock pinning, Zeroize on drop for all key materialNSPasteboard concealed type, Windows clipboard history exclusion, configurable auto-clearFull cryptographic design and threat model: docs/CRYPTO_DESIGN.md · docs/THREAT_MODEL.md
# Install frontend dependencies
npm install
# Run in development mode (compiles Rust + launches app)
npm run tauri dev
# Build for production (outputs platform installer)
npm run tauri build
# Crypto-core (no Tauri dependencies)
cargo build --lib -p verrou-crypto-core
# Vault (no Tauri dependencies)
cargo build --lib -p verrou-vault
# Full workspace
cargo build --workspace
# Rust tests (crypto KAT vectors, integration, proptests)
cargo test --workspace
# Frontend tests (components, hooks, IPC)
npm test
cargo fmt --all -- --check
cargo clippy --workspace --all-targets -- -D warnings
cargo deny check
Verrou/
├── crates/
│ ├── verrou-crypto-core/ # Cryptographic primitives (audit target)
│ │ ├── src/
│ │ │ ├── kem.rs # X25519 + ML-KEM-1024 hybrid KEM
│ │ │ ├── kdf.rs # Argon2id key derivation
│ │ │ ├── symmetric.rs # AES-256-GCM AEAD
│ │ │ ├── slots.rs # Key slot wrapping (password/biometric/recovery/hardware)
│ │ │ ├── vault_format.rs # Binary vault format (seal/unseal)
│ │ │ ├── totp.rs # TOTP/HOTP generation (RFC 6238/4226)
│ │ │ ├── bip39/ # BIP39 mnemonic (10 languages)
│ │ │ ├── password/ # Password/passphrase generation
│ │ │ ├── signing.rs # Ed25519 + ML-DSA-65 hybrid signing
│ │ │ ├── transfer/ # QR transfer encryption
│ │ │ ├── biometric.rs # Biometric token types
│ │ │ ├── hardware_key.rs # Hardware security key types
│ │ │ └── memory.rs # mlock/Zeroize memory protection
│ │ └── tests/ # KAT vectors, proptests, integration
│ └── verrou-vault/ # Business logic
│ ├── src/
│ │ ├── lifecycle.rs # Create, unlock, lock, change password
│ │ ├── entries.rs # CRUD for all secret types
│ │ ├── folders.rs # Folder hierarchy
│ │ ├── attachments.rs # File attachments
│ │ ├── import/ # Aegis, Google Auth, 2FAS, .verrou
│ │ ├── export/ # .verrou encrypted export
│ │ ├── health.rs # Password health analysis
│ │ ├── preferences.rs # User settings
│ │ └── transfer.rs # QR transfer session management
│ └── tests/ # Integration tests
├── src-tauri/ # Tauri application shell
│ ├── src/
│ │ ├── commands/ # IPC command handlers
│ │ ├── platform/ # OS-specific (clipboard, biometric, tray, hardware key)
│ │ └── lib.rs # Command registration
│ └── Cargo.toml
├── src/ # SolidJS frontend
│ ├── features/ # Feature modules (entries, vault, folders, etc.)
│ ├── components/ # Shared UI components
│ ├── i18n/ # Translations (en, fr)
│ └── styles/ # CSS Modules + design tokens
├── .github/workflows/ci.yml # CI: build, lint, clippy, tests, security checks
└── LICENSE # GPL-3.0-or-later
Every push and PR runs:
npm run build)cargo fmt checkcargo clippy with -D warningscargo deny (license and advisory audit)Contributions are welcome. Please open an issue before starting work on large changes.
cargo test --workspace and npm test passcargo clippy --workspace --all-targets -- -D warnings is cleanGPL-3.0-or-later — Copyright 2026 Arnault Pascual
$ claude mcp add Verrou \
-- python -m otcore.mcp_server <graph>