Graphorin API reference / @graphorin/security / / ENCRYPTED_FILE_MAGIC

Variable: ENCRYPTED_FILE_MAGIC

const ENCRYPTED_FILE_MAGIC: 16777216 = 0x01_00_00_00;

Defined in: packages/security/src/secrets/resolvers/encrypted-file.ts:34

On-disk format of an encrypted bundle:

text

[4 bytes] magic version (0x01000000 little-endian)
[16 bytes] Argon2id salt (random per bundle)
[12 bytes] AES-256-GCM nonce (random per bundle)
[N bytes]  AES-256-GCM ciphertext
[16 bytes] AES-256-GCM authentication tag

The ciphertext, once decrypted, is UTF-8 JSON of the shape { values: Record<string, string>, meta: { createdAt: string } }.

The bundle is read end-to-end, decrypted with the passphrase derived via Argon2id, and the requested fragment (#field) is selected from the values map. JSON-pointer style fragments (#/path/to/field) are supported for nested objects (post-MVP).

errors

Classes

Type Aliases

evaluator-optimizer

Interfaces

Type Aliases

Functions

factory

Functions

fallback

Interfaces

Type Aliases

Functions

fanout

Interfaces

Type Aliases

Functions

filters

Interfaces

Variables

Functions

preferred-model

Interfaces

Functions

progress

Interfaces

Functions

run-state

Interfaces

Variables

Functions

client

Classes

Interfaces

Type Aliases

errors

Classes

Type Aliases

reconnect

Interfaces

Functions

cli

Interfaces

Type Aliases

Functions

loaders

Functions

errors

Classes

Interfaces

Type Aliases

conflict

Variables

errors

Classes

facade

Interfaces

Functions

tools

Functions

openinference

Type Aliases

Variables

Functions

redaction

imperative-patterns

Interfaces

Type Aliases

Variables

Functions

patterns

Interfaces

Type Aliases

Variables

telemetry

Interfaces

Functions

client-message

Type Aliases

Variables