Group file sharing as a key-management problem.
HybridCipher treats collaboration as an end-to-end encryption system: devices hold keys, the server coordinates encrypted envelopes, and membership changes are enforced through epoch rotation rather than policy alone.
Architecture Layers
The collaboration design separates identity, key delivery, file encryption, and auditability.
Device-bound membership
Users authenticate without sending passwords to the server. Authorized devices receive wrapped epoch material, not plaintext file keys.
Epoch-based group keys
Membership changes advance the group epoch. New file keys are wrapped for the current epoch, and older material can be rewrapped during background maintenance.
Client-side encryption
File contents are encrypted before they reach storage. The coordination service handles metadata and key-delivery envelopes, not plaintext.
Tamper-evident events
Membership, key-delivery, and rekey events can be committed into hash-chained logs and Merkle roots for later verification.
Revocation Flow
The important distinction is that removal changes cryptographic state. A revoked member should stop receiving future epoch keys, and historical access depends on whether older file keys have been rewrapped under the new epoch.
1. Admin removes a member from the group state.
2. The group advances to a new epoch and stops issuing future keys to the removed identity.
3. New writes use the current epoch immediately.
4. Existing file keys are rewrapped or re-encrypted according to coverage policy.
5. Audit entries record the membership transition and rekey coverage.
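The revocation flow above as a runnable model, added here and not HybridCipher's own code: a hypothetical Group class (admin-client view) in which removal advances the epoch, only remaining devices receive the new epoch key, new writes use the new epoch, and a removed device can still open older files through its already-delivered envelope until rewrap closes that gap. The wrap/unwrap helpers are a constructed toy stand-in for a real key wrap such as AES-KW or HPKE, and the audit log is a plain hash chain; all names and keys are assumptions.

```python
import hashlib, hmac, os
# Constructed toy key wrap (SHA-256 keystream XOR plus HMAC tag) standing in for AES-KW/HPKE; not for production.
def wrap(kek, key):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(key, hashlib.sha256(kek + nonce).digest()))
    return nonce + ct + hmac.new(kek, nonce + ct, hashlib.sha256).digest()[:16]
def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(kek, nonce + ct, hashlib.sha256).digest()[:16]):
        raise PermissionError("envelope was not wrapped for this key")
    return bytes(a ^ b for a, b in zip(ct, hashlib.sha256(kek + nonce).digest()))
class Group:  # hypothetical admin-client view of one group's key state (assumed, not the product's API)
    def __init__(self):
        self.epoch, self.epoch_keys = 0, {0: os.urandom(32)}
        self.members = {}    # device_id -> wrapping key (stands in for the device's public key)
        self.envelopes = {}  # (epoch, device_id) -> epoch key wrapped for that device
        self.files = {}      # file_id -> (epoch, file key wrapped under that epoch's key)
        self.log = []        # (prev_hash, event, hash): hash-chained audit entries
    def _record(self, event):
        prev = self.log[-1][2] if self.log else b"\x00" * 32
        self.log.append((prev, event, hashlib.sha256(prev + event.encode()).digest()))
    def add_member(self, device_id, device_key):
        self.members[device_id] = device_key
        self.envelopes[(self.epoch, device_id)] = wrap(device_key, self.epoch_keys[self.epoch])
        self._record(f"add {device_id} epoch={self.epoch}")
    def remove_member(self, device_id):          # step 1-2: membership change drives an epoch advance
        del self.members[device_id]
        self.epoch += 1
        self.epoch_keys[self.epoch] = os.urandom(32)
        for d, k in self.members.items():         # only remaining devices receive the new epoch key
            self.envelopes[(self.epoch, d)] = wrap(k, self.epoch_keys[self.epoch])
        self._record(f"remove {device_id} epoch={self.epoch}")  # old envelopes stay: the device already holds them
    def write_file(self, file_id, file_key):      # step 3: new writes use the current epoch immediately
        self.files[file_id] = (self.epoch, wrap(self.epoch_keys[self.epoch], file_key))
    def rewrap_files(self):                       # step 4-5: rewrap stale file keys, log the coverage
        stale = [(f, ep, b) for f, (ep, b) in self.files.items() if ep < self.epoch]
        for f, ep, b in stale:
            self.files[f] = (self.epoch, wrap(self.epoch_keys[self.epoch], unwrap(self.epoch_keys[ep], b)))
        self._record(f"rewrap epoch={self.epoch} files={len(stale)}")
        return len(stale)
    def open_file(self, device_id, device_key, file_id):
        ep, blob = self.files[file_id]
        env = self.envelopes[(ep, device_id)]     # KeyError: this device never received the file's epoch
        return unwrap(unwrap(device_key, env), blob)
    def verify_log(self):                         # recompute the chain; any edited entry breaks it
        prev, ok = b"\x00" * 32, True
        for p, ev, h in self.log:
            ok = ok and p == prev and h == hashlib.sha256(p + ev.encode()).digest()
            prev = h
        return ok
```

Run it as a scenario: add two devices, write a file, remove one, write another, and observe that the removed device is locked out of the new file at once but keeps the old one until rewrap_files() runs.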
Design Tradeoffs
The model favors explicit cryptographic guarantees over vague claims about server-side control.
Cryptographic revocation is not just an ACL
Removing access requires key evolution and, for older files, a rekey operation. The model makes that work explicit instead of pretending a server-side permission change is enough.
Offline work needs cached authority
Authorized devices can continue using cached epoch keys, while new devices or membership changes require coordination when connectivity returns.
Auditability adds state
Transparency logs and coverage proofs improve accountability, but they also introduce verification data that must be stored, synced, and checked.