Buttercup core library
A NodeJS secrets vault.
Archives that contain
Entrys. Together, in a nested structure, these items act as a secure store for a user's credentials (much like standard managers these days). Entries allow you to store a credential's username and password, along with other miscellaneous properties (meta) and invisible functional info (attributes).
Buttercup archives sit in memory as an Object instance that is built from deltas that modify the structure. As changes are made to the archive, new delta commands are added to the history and saved to the archive's
Datasource. Archives are compressed and encrypted before being saved.
The core of the system, this Buttercup Core, boasts a few awesome features:
- Deltas for storing archive history
- Conflict resolution and archive merging
- AES CBC/GCM encryption w/ 256bit keys
- SHA-256 keys using PBKDF2 derivation
- SHA-256 HMAC authentication
- GZip text compression
This library also supports a variety of datasources for loading from and saving to:
To use Buttercup in a NodeJS environment, you can simply install and require it:
npm install buttercup --save
const Archive = ;
To use Buttercup in a browser, you probably want to include the
buttercup-web.min.js file in the
Buttercup centers around Archives which are the structures that manage stored secrets. An archive is a single encrypted data store which can be read from and written to a variety of storages (mentioned earlier). Archives are made up of Groups and Entries. A Group can be seen as a folder that contains Entries in a tree structure, and Entries are like files in that they contain secret information about some thing (website login, bank account etc.).
To get started, we should create a new Archive:
;// Create an empty archiveconst archive1 = ;// Create an archive with "General" and "Trash" groupsconst archive2 = Archive;
Entries can't be added directly to an archive, but can be to Groups. Creating Groups and Entries is trivial:
const archive = ;const myGroup = archive;const myEntry = myGroup;
Every command on Archives, Groups and Entries modifies the Archive instance, but does not save it to storage. There is no command or need to commit any data - each instance links back to the original Archive. Archives are saved and loaded using Datasources:
;const FileDatasource = Datasources;const fileDatasource = "./user.bcup";const archive = Archive;archive;const credentials = Credentials;fileDatasource; // returns Promise
const fileDatasource = "./user.bcup";const credentials = Credentials;fileDatasource;