SilverLABS/SilverMetal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
SilverMetal/stack/sync
History
SysAdmin 7d5f9cc246 chore(scaffold): initial SilverMetal program scaffold 
Cross-platform privacy-hardening program. Two-layer product:
- SilverLABS Application Stack (cross-platform spine)
- Platform Hardening Profiles (per-OS, tier-honest)

Platforms: Linux (Debian/Kicksecure), Android (Pixel/Samsung/Moto/generic),
Windows (LTSC IoT), macOS (profile), iOS (MDM profile). Each flavour has
both a preflashed hardware SKU path and a self-apply "harden your existing
device" path.

Includes umbrella docs (README + threat-model, design-principles,
platform-matrix, roadmap, trust-model), per-platform and per-stack-
component README stubs, .gitignore, LICENSE.

Linux v1 ships first; Stack v1 = Browser + VPN + Sync.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 03:11:48 +01:00
..
README.md
chore(scaffold): initial SilverMetal program scaffold
2026-04-25 03:11:48 +01:00

README.md

SilverSync

Status: v1 (Linux MVP) — planning

A private replacement for iCloud / Google Drive / OneDrive. Contacts, calendar, files, photos, notes — synced across all your SilverMetal devices, encrypted client-side, zero-knowledge to the server.

v1 scope

  • Contacts — CardDAV
  • Calendar — CalDAV
  • Files — WebDAV with client-side encryption (E2EE)
  • Photos — file-based, with client-side encryption

v1.1 adds Notes, Tasks.

Server side

Lives in SilverLABS/silver-sync-server (separate repo). Stack:

  • Nextcloud for files / photos (with E2EE app)
  • Radicale or Baïkal for CardDAV / CalDAV
  • Behind SilverVPN by default for transport-layer privacy
  • Self-hostable — the same stack runs on a user's home server

Client-side encryption

  • Files: each file encrypted with a per-file content key; content keys wrapped with a user-derived master key (Argon2id from passphrase + account number)
  • Server stores only ciphertext + opaque metadata
  • Server cannot read filenames in their entirety (filename encryption mode in Nextcloud E2EE)
  • Master key never leaves the device

Per-platform clients

  • Linux: GNOME / Plasma evolution, native CardDAV/CalDAV via existing tooling; Nextcloud client for files
  • Android: DAVx⁵ (CardDAV/CalDAV) + Nextcloud Android client (rebranded)
  • Windows: Nextcloud Windows client (rebranded) + Outlook integration
  • macOS: Nextcloud macOS client (rebranded) + native Calendar/Contacts integration
  • iOS: Nextcloud iOS app (rebranded) + iOS native CardDAV/CalDAV providers

What this is not

  • Not a "free Google replacement for everyone" — server costs are real, paid tier funds them
  • Not a CDN — files sync between user's devices, not at internet scale
  • Not a backup product — this is sync; backup is a separate concern (offer integration with restic/borg later)

Migration

Documented procedures for users coming from:

  • iCloud → SilverSync
  • Google → SilverSync
  • OneDrive → SilverSync

These guides are critical for onboarding and live in docs/ of this directory once the client ships.

Reference in New Issue View Git Blame Copy Permalink