baseid-store

Provides encrypted credential storage for BaseID wallets. Credentials are encrypted at rest using XChaCha20-Poly1305 with per-credential keys derived via HKDF-SHA256, while a plaintext metadata index enables efficient querying without decryption.

Key Features

XChaCha20-Poly1305 Encryption — AEAD encryption with 24-byte nonces and 16-byte authentication tags for credential-at-rest protection
HKDF Per-Credential Keys — Each credential gets a unique derived encryption key; compromise of one does not reveal others
KeyStore Trait — Platform-agnostic key storage abstraction for iOS Secure Enclave, Android Keystore, TPM, or software fallback
EncryptedWalletStore — Implements WalletStore from baseid-wallet-core with store, get, list, delete, and filtering
Plaintext Metadata Index — Format, issuer, and dates stored unencrypted for efficient listing without decryption (no PII)
SoftwareKeyStore — In-memory key store for testing, supporting Ed25519, P-256, P-384, and secp256k1

Quick Start

use baseid_store::{EncryptedWalletStore, SoftwareKeyStore, KeyStore};
use baseid_wallet_core::holder::WalletStore;

// Create an encrypted wallet store (random master key)
let store = EncryptedWalletStore::new();

// Or with a specific master key
let store = EncryptedWalletStore::with_master_key([42u8; 32]);

// Store a credential (encrypted at rest)
let id = store.store_credential(credential).await?;

// Retrieve (decrypts transparently)
let cred = store.get_credential(&id).await?;

// List with filtering (queries plaintext metadata, no decryption)
use baseid_wallet_core::CredentialFilter;
use baseid_core::types::CredentialFormat;

let filtered = store.list_credentials(CredentialFilter {
    format: Some(CredentialFormat::W3cVc),
    issuer: None,
}).await?;

// Delete a credential
store.delete_credential(&id).await?;

Key Store Abstraction

The KeyStore trait enables platform-specific secure key storage:

use baseid_store::{SoftwareKeyStore, KeyStore};

let ks = SoftwareKeyStore::new();

// Generate a key (Ed25519, P-256, P-384, or secp256k1)
let key_id = ks.generate_key("Ed25519").await?;

// Sign data
let signature = ks.sign(&key_id, b"data to sign").await?;

// Get public key bytes
let pub_bytes = ks.public_key(&key_id).await?;

// Delete when no longer needed
ks.delete_key(&key_id).await?;

Encryption Architecture

Layer	Algorithm	Purpose
Master Key	256-bit random	Root secret for the wallet
Key Derivation	HKDF-SHA256	Unique per-credential key from master + credential ID
Encryption	XChaCha20-Poly1305	AEAD with 24-byte nonce, 16-byte auth tag

Master Key + "cred-42" --[HKDF-SHA256]--> Per-Credential Key
Per-Credential Key + Random Nonce --[XChaCha20-Poly1305]--> Ciphertext + Auth Tag

Key Types

Type	Description
`KeyStore`	Async trait: `generate_key`, `sign`, `public_key`, `delete_key`
`SoftwareKeyStore`	In-memory `KeyStore` implementation for testing
`EncryptedWalletStore`	Encrypted `WalletStore` with metadata index
`EncryptedCredential`	Stored blob: id, ciphertext, nonce, algorithm
`StoreError`	Errors: encryption/decryption/serialization failures, not found

Supported Algorithms

Algorithm String	KeyType	Use
`"ed25519"`, `"EdDSA"`	Ed25519	Default signing
`"p256"`, `"ES256"`, `"P-256"`	P-256	NIST curve
`"p384"`, `"ES384"`, `"P-384"`	P-384	High-security NIST curve
`"secp256k1"`, `"ES256K"`	Secp256k1	Bitcoin/Ethereum compatibility

baseid-wallet-core — WalletStore trait that EncryptedWalletStore implements
baseid-crypto — Key pair generation used by SoftwareKeyStore
baseid-core — CredentialFormat, CredentialId, error types