SilverLABS/SilverMetal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0a0075ce66ed83893d8542424fb074ff213b2b68
SilverMetal/stack/sync/README.md
SysAdmin 7d5f9cc246 chore(scaffold): initial SilverMetal program scaffold 
Cross-platform privacy-hardening program. Two-layer product:
- SilverLABS Application Stack (cross-platform spine)
- Platform Hardening Profiles (per-OS, tier-honest)

Platforms: Linux (Debian/Kicksecure), Android (Pixel/Samsung/Moto/generic),
Windows (LTSC IoT), macOS (profile), iOS (MDM profile). Each flavour has
both a preflashed hardware SKU path and a self-apply "harden your existing
device" path.

Includes umbrella docs (README + threat-model, design-principles,
platform-matrix, roadmap, trust-model), per-platform and per-stack-
component README stubs, .gitignore, LICENSE.

Linux v1 ships first; Stack v1 = Browser + VPN + Sync.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 03:11:48 +01:00

53 lines
2.1 KiB
Markdown
Raw Blame History

# SilverSync
**Status**: v1 (Linux MVP) — planning
A private replacement for iCloud / Google Drive / OneDrive. Contacts, calendar, files, photos, notes — synced across all your SilverMetal devices, encrypted client-side, zero-knowledge to the server.
## v1 scope
- **Contacts** — CardDAV
- **Calendar** — CalDAV
- **Files** — WebDAV with client-side encryption (E2EE)
- **Photos** — file-based, with client-side encryption
v1.1 adds Notes, Tasks.
## Server side
Lives in `SilverLABS/silver-sync-server` (separate repo). Stack:
- **Nextcloud** for files / photos (with E2EE app)
- **Radicale** or **Baïkal** for CardDAV / CalDAV
- Behind SilverVPN by default for transport-layer privacy
- Self-hostable — the same stack runs on a user's home server
## Client-side encryption
- Files: each file encrypted with a per-file content key; content keys wrapped with a user-derived master key (Argon2id from passphrase + account number)
- Server stores only ciphertext + opaque metadata
- Server cannot read filenames in their entirety (filename encryption mode in Nextcloud E2EE)
- Master key never leaves the device
## Per-platform clients
- **Linux**: GNOME / Plasma evolution, native CardDAV/CalDAV via existing tooling; Nextcloud client for files
- **Android**: DAVx⁵ (CardDAV/CalDAV) + Nextcloud Android client (rebranded)
- **Windows**: Nextcloud Windows client (rebranded) + Outlook integration
- **macOS**: Nextcloud macOS client (rebranded) + native Calendar/Contacts integration
- **iOS**: Nextcloud iOS app (rebranded) + iOS native CardDAV/CalDAV providers
## What this is not
- Not a "free Google replacement for everyone" — server costs are real, paid tier funds them
- Not a CDN — files sync between user's devices, not at internet scale
- Not a backup product — this is sync; backup is a separate concern (offer integration with restic/borg later)
## Migration
Documented procedures for users coming from:
- iCloud → SilverSync
- Google → SilverSync
- OneDrive → SilverSync
These guides are critical for onboarding and live in `docs/` of this directory once the client ships.
Reference in New Issue View Git Blame Copy Permalink