Bau is a secure, fast, multi-platform encryption library for your data. With Bau, you can store your data on a cloud platform without concern about prying eyes. Bau ensures that data is accessible only to the end users. Bindings are for Go, Java, Dart and Python.
Why?
Modern applications often live on cloud platforms and benefit from the scalability and affordability that a shared, maintained environment offers. They are also subject to concern on data control, not knowing exactly who can access and manage the data.
Bun protects your data with an encryption layer. Data is decrypted only on the end user device, whether it is a pc or a mobile phone. And the end user can grant access to other people. The access control is secured by blockchains.
How?
Bun uses envelope encryption: your data is encrypted with a random AES key, and that AES key is then encrypted with an elliptic key assigned to each authorized user. Every user has their own envelope key, all recorded on the blockchain. The blockchain also stores access rights, such as which user is an admin and can grant or revoke access.
The below code shows how Alice and Bob can exchange data securely:
from baolib import *
# Create identities
alice, alice_secret = newKeyPair()
bob, bob_secret = newKeyPair()
# Alice creates a vault with S3 storage
store = Store({'type': 's3', ...})
vault = Vault.create(Vault.users, alice_secret, store, DB('alice.db'))
# Alice grants Bob access
vault.sync_access(0, AccessChange(bob, Access.read_write))
# Alice writes a file
vault.write('shared/message.txt', src='hello.txt')
# Bob opens Alice's vault with his own database
vault_bob = Vault.open(Vault.users, bob_secret, alice, store, DB('bob.db'))
vault_bob.read('shared/message.txt', 'output.txt')
Besides file storage, Bau offers a SQL interface. By using the SQL interface, you can implement a local first, distributed DB for your application.
