Vault, Identity, and mTLS

This section details the security infrastructure of Palyra, focusing on how secrets are stored, how nodes and devices establish identity, and the mechanisms used for secure, encrypted communication across the distributed system.

Palyra Vault: Secret Storage

The palyra-vault crate provides a secure, scoped storage system for sensitive data such as API keys, connector credentials, and private configuration. It abstracts over multiple platform-specific backends to ensure that secrets are protected by the operating system’s native security facilities whenever possible.

Architecture and Backends

The Vault uses a BlobBackend trait to perform CRUD operations on encrypted payloads. The system automatically selects the most secure backend available for the host platform.

Backend Kind	Platform	Implementation Detail
`MacosKeychain`	macOS	Uses the macOS Keychain via `security` CLI or API crates/palyra-vault/src/backend.rs#44-44.
`LinuxSecretService`	Linux	Integrates with `libsecret` or `secret-tool` crates/palyra-vault/src/backend.rs#46-46.
`WindowsDpapi`	Windows	Uses Data Protection API (DPAPI) for user-level encryption crates/palyra-vault/src/backend.rs#48-48.
`EncryptedFile`	All	Fallback using `ring` (ChaCha20-Poly1305) with a local key file crates/palyra-vault/src/backend.rs#42-42.

Scoping and Metadata

Secrets are organized using a VaultScope, which prevents one component (e.g., a specific agent or connector) from accessing secrets belonging to another.

VaultScope: A hierarchical path-like identifier crates/palyra-vault/src/scope.rs#7-7.
Object ID: Generated by hashing the scope and the secret key to create a unique storage locator crates/palyra-vault/src/lib.rs#18-18.
Metadata: Each secret is stored with a SecretMetadata envelope containing creation timestamps and versioning crates/palyra-vault/src/metadata.rs.

Sources: crates/palyra-vault/src/lib.rs#1-20, crates/palyra-vault/src/backend.rs#39-133, crates/palyra-vault/src/scope.rs#7-16

Identity and Device Management

The palyra-identity crate manages the cryptographic identity of the local node and the trust relationships with other devices. Every Palyra instance is identified by an Ed25519 keypair.

Identity Storage

Identities are stored in a SecretStore, which can be an InMemorySecretStore for testing or a FilesystemSecretStore for production crates/palyra-identity/src/store.rs#34-87.

Encryption: The FilesystemSecretStore encrypts identity data on disk using ChaCha20-Poly1305 crates/palyra-identity/src/store.rs#16-22.
Platform Hardening: On Windows, it uses DPAPI and ACLs to ensure only the current user can read the identity files crates/palyra-identity/src/store.rs#98-105. On Unix, it enforces 0o700 directory permissions crates/palyra-identity/src/store.rs#109-112.

Device Identity

A DeviceIdentity consists of a unique ULID and a public key crates/palyra-identity/src/device.rs. These identities are used to sign requests and establish mTLS sessions. Sources: crates/palyra-identity/src/lib.rs#1-25, crates/palyra-identity/src/store.rs#15-115

Node Pairing Handshake

Pairing is the process by which a new device (e.g., a mobile app or another daemon) is authorized to communicate with a Palyra node.

The Handshake Flow

Palyra supports multiple pairing methods, including PIN codes and QR codes. The process involves a multi-step handshake implemented in palyra-identity::pairing::handshake.

Initiation: The user generates a pairing code via the CLI or Web UI using PairingCommand::Code crates/palyra-cli/src/commands/pairing.rs#72-96.
Handshake: The joining device presents a proof (PIN/QR) and its public key.
Approval: Pairing requests default to a deny_by_default state and require explicit human approval via PairingCommand::Approve crates/palyra-cli/src/commands/pairing.rs#97-109.
Persistence: Upon success, the new device’s identity is stored in the IdentityManager crates/palyra-cli/src/commands/pairing.rs#168-177.

Pairing Implementation Diagram

The following diagram maps the CLI commands to the underlying identity logic. Title: Node Pairing Logic Flow Sources: crates/palyra-cli/src/commands/pairing.rs#7-178, crates/palyra-identity/src/store.rs#87-115, crates/palyra-cli/tests/pairing_flow.rs#17-108

mTLS and QUIC Transport Layer

Palyra uses Mutual TLS (mTLS) over QUIC for all node-to-node communication, ensuring that both the client and server are cryptographically verified.

QUIC Runtime

The palyra-daemon implements a QuicRuntime that handles incoming encrypted streams.

Server Setup: bind_endpoint initializes a quinn::Endpoint using QuicServerTlsConfig crates/palyra-daemon/src/quic_runtime.rs#62-80.
Client Verification: The runtime can require client certificates, verified against a local CA certificate crates/palyra-daemon/src/quic_runtime.rs#19-25.
Framing: Data is sent in frames using read_frame and write_frame from palyra-transport-quic crates/palyra-daemon/src/quic_runtime.rs#149-152.

Transport Entity Mapping

Title: QUIC Transport and Identity Integration

Protocol Features

Health Checks: Supports a node.health method over QUIC to verify peer connectivity crates/palyra-daemon/src/quic_runtime.rs#13-13.
Event Streaming: The node.stream_events method allows for low-latency delivery of system events between nodes crates/palyra-daemon/src/quic_runtime.rs#14-14.
Concurrency: The server enforces a maximum number of concurrent connections (default 256) using a Semaphore [crates/palyra-daemon/src/quic_runtime.rs:16-16], crates/palyra-daemon/src/quic_runtime.rs#91-93.

Sources: crates/palyra-daemon/src/quic_runtime.rs#1-122, crates/palyra-transport-quic/src/lib.rs, crates/palyra-identity/src/mtls.rs

​Palyra Vault: Secret Storage

​Architecture and Backends

​Scoping and Metadata

​Identity and Device Management

​Identity Storage

​Device Identity

​Node Pairing Handshake

​The Handshake Flow

​Pairing Implementation Diagram

​mTLS and QUIC Transport Layer

​QUIC Runtime

​Transport Entity Mapping

​Protocol Features