End-to-end encrypted document sharing you self-host.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for subhayu99 from gravatar.com subhayu99
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Tags cli , document-sharing , e2ee , encryption , self-hosted
  • Requires: Python >=3.11
  • Provides-Extra: dev , server
Classifiers
Report project as malware

Project description

                    _ _            _
       __   _____| | | __ _ _ __(_)___
       \ \ / / _ \ | |/ _` | '__| / __|
        \ V /  __/ | | (_| | |  | \__ \
         \_/ \___|_|_|\__,_|_|  |_|___/

Files only the people you choose can read.

End-to-end encrypted document sharing you self-host.

pip install vellaris

Source · PyPI · Docs · License

Status

v0.2.0 — feature drop. Alpha; expect rough edges. The on-wire format is still locked, so blobs encrypted with any v0.x release keep decrypting on later versions.

What v0.2 adds on top of the v0.1 baseline:

  • Web Worker for crypto. RSA-4096 keygen and Argon2id-at-prod-params no longer block the main thread on signup or login. The EncryptAnim actually animates instead of stuttering.
  • IndexedDB-backed key store. The wrapped private key now lives in IDB, with one-shot migration from any pre-existing localStorage entry.
  • Streaming uploads. The upload route reads files via File.stream() instead of file.arrayBuffer(), so the SPA no longer trips ArrayBuffer size limits on multi-hundred-megabyte uploads.

Plus the v0.1.3 → v0.1.5 fixes already in: owner-visible "shared with" chips on /doc/:id, manual Cloudflare pageviews on the public auth routes only (no leak past login), and a strict-ish Content-Security- Policy on the SPA.

How it works

Vellaris encrypts files on your device with a fresh AES-256 key, then encrypts that key once for each recipient with their RSA-4096 public key. Your self-hosted server only ever holds ciphertext, encrypted-DEK rows, and a signed audit log — it cannot decrypt anything.

crypto: AES-256-GCM · RSA-4096 OAEP-SHA256 · Argon2id passphrase KDF

Three clients, one trust boundary

Client Install When to reach for it
CLI pip install vellaris Engineers, scripts, CI pipelines
Python SDK pip install vellaris Automations, ETLs, webhook handlers
Web Static SPA, deploy-anywhere Colleagues who don't live in a terminal

Every client speaks the same on-wire protocol; the server publishes its contract at /openapi.json.

Run a server

docker run -p 8000:8000 ghcr.io/subhayu99/vellaris:latest

Or docker compose -f docker/compose.yaml up for a Postgres-backed dev stack.

License

Apache 2.0. No CLA traps. Read every line on GitHub.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for subhayu99 from gravatar.com subhayu99
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Tags cli , document-sharing , e2ee , encryption , self-hosted
  • Requires: Python >=3.11
  • Provides-Extra: dev , server
Classifiers

Release history Release notifications | RSS feed

0.7.0

0.6.0

0.5.7

0.5.6

0.5.5

0.5.4

0.5.2

0.5.1

This version

0.4.1

0.4.0

0.3.2

0.3.1

0.3.0

0.2.0

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vellaris-0.4.1.tar.gz (77.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vellaris-0.4.1-py3-none-any.whl (60.2 kB view details)

Uploaded Python 3

File details

Details for the file vellaris-0.4.1.tar.gz.

File metadata

  • Download URL: vellaris-0.4.1.tar.gz
  • Upload date:
  • Size: 77.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.4.1.tar.gz
Algorithm Hash digest
SHA256 b7a5caa60c9e5f21b61b9d77fea36e4f9036f719405b8915eb703585bc63f5c6
MD5 78d42510fec12b6c3c7ea1061237f4ae
BLAKE2b-256 8012660703cbbb470a5c6fcb356a77508459d72ce4892cc967b089332d9e15d5

See more details on using hashes here.

Provenance

The following attestation bundles were made for vellaris-0.4.1.tar.gz:

Publisher: release.yml on subhayu99/vellaris

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file vellaris-0.4.1-py3-none-any.whl.

File metadata

  • Download URL: vellaris-0.4.1-py3-none-any.whl
  • Upload date:
  • Size: 60.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.4.1-py3-none-any.whl
Algorithm Hash digest
SHA256 96716fec8396c2efec4820e5263ca67f76efe25485c290f2146ee4d32aa44717
MD5 24848eadb6828481bbe7f8780e769262
BLAKE2b-256 443ff33ef26b00d52749715c443174600b7d9ebfb8a70e8e1c6d897e2ae3bd1a

See more details on using hashes here.

Provenance

The following attestation bundles were made for vellaris-0.4.1-py3-none-any.whl:

Publisher: release.yml on subhayu99/vellaris

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page