Skip to content

davex-ai/DeltaForge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.idea
.idea
 
 
client-core
client-core
 
 
.gitignore
.gitignore
 
 
CodeKnow.txt
CodeKnow.txt
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

🔐 DeltaForge Vault

A modern, pluggable, zero-knowledge encrypted password vault for Java.

DeltaForge Vault gives Java developers an ultra-lightweight, AES-GCM encrypted,
PBKDF2-hardened, file-based password vault that can be dropped into any project.
Clone it, plug it in, and stop rewriting crypto flows from scratch.

✨ Features

  • AES-256-GCM encryption (authenticated encryption, tamper-proof)
  • PBKDF2-HMAC-SHA256 key derivation
  • Random per-vault salts
  • Random IV per encryption
  • Zero-knowledge design — your password never leaves the device
  • Simple JSON file backend (Base64-wrapped secure payload)
  • Plugin-friendly API — embed the vault in other apps
  • Memory scrubbing — plaintext erased after use
  • Builder pattern for clean configuration

🚀 Quick Start

1. Create a Vault

Vault vault = Vault.builder()
        .file(new File("vault.json"))
        .kdfIterations(150_000)
        .keyLength(256)
        .build();

char[] password = "secret123".toCharArray();
vault.createNew(password);
2. Open and Add Entries
java
Copy code
VaultData data = vault.open(password);

data.addEntry(
        "gmail",
        "dave@gmail.com",
        "superpass123"
);

vault.save(data);

3. Vault File Structure

Encrypted vault files store 3 fields:

Copy code
{
  "salt": "...",
  "iv": "...",
  "ciphertext": "...",
  "kdfIterations": 150000,
  "kdfAlgo": "PBKDF2WithHmacSHA256",
  "cipher": "AES/GCM/NoPadding"
}

Everything sensitive is protected with AES-GCM, which includes a 128-bit authentication tag to prevent tampering.

🧩 Embedding DeltaForge Vault in Your App

DeltaForge Vault is designed to be plug-and-play. Any Java application can embed the vault:

  • Desktop apps

  • CLI tools

  • Android (with slight modifications)

  • Microservices needing encrypted credential storage

  • Plugins for existing apps

  • Secure config managers

  • Just import the Maven module and use the builder.

🛡️ Security Notes

  • Master passwords are never stored.

  • Keys are derived using PBKDF2 with configurable iteration count.

  • IVs are random per operation.

  • Memory is wiped after use where possible.

  • JSON only stores Base64-encoded encrypted bytes.

You are responsible for:

  • keeping the vault file safe

  • using strong master passwords

  • increasing KDF iterations over time

🗂️ Project Structure

Copy code
/src/main/java
    dave.deltaforge.crypto/
        AESEncryption.java
        KeyDerivation.java
    dave.deltaforge.vault/
        Vault.java
        VaultData.java
        VaultEntry.java
    dave.deltaforge/
        Main.java

🤝 Contributing

Pull requests are welcome. If you have ideas for features (e.g. versioning, auto-lock timers, CLI tool), open an issue.

📄 License

MIT License — use freely in personal and commercial projects.

Made with ☕ By Daveora

About

DeltaForge Vault — A pluggable, encrypted, zero-knowledge password vault for Java. Clone it, plug it in, and stop writing crypto flows from scratch.

Topics

java cli crypto

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages