End-to-end encrypted document sharing you self-host.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for subhayu99 from gravatar.com subhayu99
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Tags cli , document-sharing , e2ee , encryption , self-hosted
  • Requires: Python >=3.11
  • Provides-Extra: dev , server
Classifiers
Report project as malware

Project description

                    _ _            _
       __   _____| | | __ _ _ __(_)___
       \ \ / / _ \ | |/ _` | '__| / __|
        \ V /  __/ | | (_| | |  | \__ \
         \_/ \___|_|_|\__,_|_|  |_|___/

Files only the people you choose can read.

End-to-end encrypted document sharing you self-host.

pip install vellaris

Source · PyPI · Docs · License

Status

v0.2.0 — feature drop. Alpha; expect rough edges. The on-wire format is still locked, so blobs encrypted with any v0.x release keep decrypting on later versions.

What v0.2 adds on top of the v0.1 baseline:

  • Web Worker for crypto. RSA-4096 keygen and Argon2id-at-prod-params no longer block the main thread on signup or login. The EncryptAnim actually animates instead of stuttering.
  • IndexedDB-backed key store. The wrapped private key now lives in IDB, with one-shot migration from any pre-existing localStorage entry.
  • Streaming uploads. The upload route reads files via File.stream() instead of file.arrayBuffer(), so the SPA no longer trips ArrayBuffer size limits on multi-hundred-megabyte uploads.

Plus the v0.1.3 → v0.1.5 fixes already in: owner-visible "shared with" chips on /doc/:id, manual Cloudflare pageviews on the public auth routes only (no leak past login), and a strict-ish Content-Security- Policy on the SPA.

How it works

Vellaris encrypts files on your device with a fresh AES-256 key, then encrypts that key once for each recipient with their RSA-4096 public key. Your self-hosted server only ever holds ciphertext, encrypted-DEK rows, and a signed audit log — it cannot decrypt anything.

crypto: AES-256-GCM · RSA-4096 OAEP-SHA256 · Argon2id passphrase KDF

Three clients, one trust boundary

Client Install When to reach for it
CLI pip install vellaris Engineers, scripts, CI pipelines
Python SDK pip install vellaris Automations, ETLs, webhook handlers
Web Static SPA, deploy-anywhere Colleagues who don't live in a terminal

Every client speaks the same on-wire protocol; the server publishes its contract at /openapi.json.

Run a server

docker run -p 8000:8000 ghcr.io/subhayu99/vellaris:latest

Or docker compose -f docker/compose.yaml up for a Postgres-backed dev stack.

License

Apache 2.0. No CLA traps. Read every line on GitHub.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for subhayu99 from gravatar.com subhayu99
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Tags cli , document-sharing , e2ee , encryption , self-hosted
  • Requires: Python >=3.11
  • Provides-Extra: dev , server
Classifiers

Release history Release notifications | RSS feed

0.7.0

0.6.0

0.5.7

0.5.6

0.5.5

0.5.4

0.5.2

0.5.1

0.4.1

0.4.0

0.3.2

0.3.1

0.3.0

This version

0.2.0

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vellaris-0.2.0.tar.gz (77.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vellaris-0.2.0-py3-none-any.whl (60.2 kB view details)

Uploaded Python 3

File details

Details for the file vellaris-0.2.0.tar.gz.

File metadata

  • Download URL: vellaris-0.2.0.tar.gz
  • Upload date:
  • Size: 77.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.2.0.tar.gz
Algorithm Hash digest
SHA256 e09c787793760f112abb6511203e8f2d3b87cbc86eccfe8b257eb2db207972a3
MD5 f1098f4c65b63125ded717492b9f309a
BLAKE2b-256 f8c94354f95e33686ef25096a2cc23dfd67c5da57f1b7680cbd9447a549e4a55

See more details on using hashes here.

Provenance

The following attestation bundles were made for vellaris-0.2.0.tar.gz:

Publisher: release.yml on subhayu99/vellaris

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file vellaris-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: vellaris-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 60.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e5cca05faa3ba4cd3abe27786e94e705f83b779624ef032bd1e92a005000ed21
MD5 4edfa798f417091eb767afc056e494bb
BLAKE2b-256 a811c7aec8366ed47eb4a015ead5c37075deb02f4d60f54c22c10b68ec4b24de

See more details on using hashes here.

Provenance

The following attestation bundles were made for vellaris-0.2.0-py3-none-any.whl:

Publisher: release.yml on subhayu99/vellaris

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page