Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion AGENTS.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Rune-Vault (rune-admin)

Single-binary Go gRPC server (`runevault`) for FHE-encrypted organizational
memory. Built on `github.com/CryptoLabInc/envector-go-sdk`. The secret key
memory. Built on `github.com/CryptoLabInc/runespace-sdk`. The secret key
never leaves this server.

## Setup
Expand Down
2 changes: 1 addition & 1 deletion CLAUDE.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Rune-Vault (rune-admin)

Single-binary Go gRPC server (`runevault`) for FHE-encrypted organizational
memory. Built on `github.com/CryptoLabInc/envector-go-sdk`. The secret key
memory. Built on `github.com/CryptoLabInc/runespace-sdk`. The secret key
never leaves this server.

## Setup
Expand Down
2 changes: 1 addition & 1 deletion CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ See [CLAUDE.md](CLAUDE.md#commands) (or [AGENTS.md](AGENTS.md#commands)) for the
```
vault/internal/
├── tokens/ # Token store + role/rate-limit unit tests
├── crypto/ # HKDF + AES-CTR + envector-go-sdk wrappers
├── crypto/ # HKDF + AES-CTR + runespace-sdk wrappers
├── server/ # gRPC handlers, interceptors, audit, admin UDS, config
├── commands/ # CLI subcommands + admin client
└── tests/ # E2E (build tag `e2e`): decrypt pipeline (fixture-based) + CLI smoke
Expand Down
12 changes: 6 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ For system architecture and data flow details, see [docs/ARCHITECTURE.md](docs/A

### For Administrators

1. **enVector Cloud account** at [https://envector.io](https://envector.io) — Cluster Endpoint and API Key
1. **Runespace account** at [https://runespace.example.com](https://runespace.example.com) — Cluster Endpoint and API Key
2. **Cloud provider account** (AWS, GCP, or OCI) — only needed for cloud deployment

The [installer](#quick-start) auto-checks for the tools it needs (`terraform` and the relevant cloud CLI when targeting a CSP).
Expand All @@ -33,8 +33,8 @@ The [installer](#quick-start) auto-checks for the tools it needs (`terraform` an
Team members install [Rune](https://github.com/CryptoLabInc/rune) from Claude Marketplace and configure it with:
- Vault Endpoint (provided by admin)
- Vault Token (provided by admin)
- enVector Cluster Endpoint (provided by admin)
- enVector API Key (provided by admin)
- Runespace Cluster Endpoint (provided by admin)
- Runespace API Key (provided by admin)

## Quick Start

Expand All @@ -54,7 +54,7 @@ curl -fsSL https://raw.githubusercontent.com/CryptoLabInc/rune-admin/main/instal
| sudo bash -s -- --target aws # or gcp, oci
```

The installer prompts for team name, enVector endpoint, and CSP-specific
The installer prompts for team name, Runespace endpoint, and CSP-specific
inputs (region, GCP project ID, OCI compartment OCID). Use `--non-interactive`
plus the `RUNEVAULT_*` env vars listed in [`install.sh`](install.sh) for CI.

Expand Down Expand Up @@ -83,8 +83,8 @@ sudo runevault token issue --user alice --role member --expires 90d
# Share via secure channel (1Password, Signal, etc.):
# - Vault Endpoint
# - Vault Token
# - enVector Cluster Endpoint
# - enVector API Key
# - Runespace Cluster Endpoint
# - Runespace API Key
```

Members of the `runevault` group can run the CLI without `sudo`.
Expand Down
4 changes: 2 additions & 2 deletions deployment/aws/cloud-init.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ write_files:
- path: /etc/profile.d/runevault-installer-env.sh
content: |
export RUNEVAULT_TEAM_NAME='${team_name}'
export RUNEVAULT_ENVECTOR_ENDPOINT='${envector_endpoint}'
export RUNEVAULT_ENVECTOR_API_KEY='${envector_api_key}'
export RUNEVAULT_RUNESPACE_ENDPOINT='${runespace_endpoint}'
export RUNEVAULT_RUNESPACE_TOKEN='${runespace_token}'
permissions: '0600'

runcmd:
Expand Down
12 changes: 6 additions & 6 deletions deployment/aws/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -32,13 +32,13 @@ variable "tls_mode" {
default = "self-signed"
}

variable "envector_endpoint" {
description = "enVector Cloud endpoint"
variable "runespace_endpoint" {
description = "Runespace endpoint"
type = string
}

variable "envector_api_key" {
description = "enVector Cloud API key"
variable "runespace_token" {
description = "Runespace API key"
type = string
sensitive = true
}
Expand Down Expand Up @@ -197,8 +197,8 @@ resource "aws_instance" "vault" {

user_data = templatefile("${path.module}/cloud-init.yaml", {
team_name = var.team_name
envector_endpoint = var.envector_endpoint
envector_api_key = var.envector_api_key
runespace_endpoint = var.runespace_endpoint
runespace_token = var.runespace_token
runevault_version = var.runevault_version
})

Expand Down
12 changes: 6 additions & 6 deletions deployment/gcp/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -47,13 +47,13 @@ variable "tls_mode" {
default = "self-signed"
}

variable "envector_endpoint" {
description = "enVector Cloud endpoint"
variable "runespace_endpoint" {
description = "Runespace endpoint"
type = string
}

variable "envector_api_key" {
description = "enVector Cloud API key"
variable "runespace_token" {
description = "Runespace API key"
type = string
sensitive = true
}
Expand Down Expand Up @@ -152,8 +152,8 @@ resource "google_compute_instance" "vault" {

metadata_startup_script = templatefile("${path.module}/startup-script.sh", {
team_name = var.team_name
envector_endpoint = var.envector_endpoint
envector_api_key = var.envector_api_key
runespace_endpoint = var.runespace_endpoint
runespace_token = var.runespace_token
runevault_version = var.runevault_version
})

Expand Down
4 changes: 2 additions & 2 deletions deployment/gcp/startup-script.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ done

cat > /etc/profile.d/runevault-installer-env.sh <<'ENVFILE'
export RUNEVAULT_TEAM_NAME='${team_name}'
export RUNEVAULT_ENVECTOR_ENDPOINT='${envector_endpoint}'
export RUNEVAULT_ENVECTOR_API_KEY='${envector_api_key}'
export RUNEVAULT_RUNESPACE_ENDPOINT='${runespace_endpoint}'
export RUNEVAULT_RUNESPACE_TOKEN='${runespace_token}'
ENVFILE
chmod 600 /etc/profile.d/runevault-installer-env.sh
set -a; . /etc/profile.d/runevault-installer-env.sh; set +a
Expand Down
12 changes: 6 additions & 6 deletions deployment/oci/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -43,13 +43,13 @@ variable "tls_mode" {
default = "self-signed"
}

variable "envector_endpoint" {
description = "enVector Cloud endpoint"
variable "runespace_endpoint" {
description = "Runespace endpoint"
type = string
}

variable "envector_api_key" {
description = "enVector Cloud API key"
variable "runespace_token" {
description = "Runespace API key"
type = string
sensitive = true
}
Expand Down Expand Up @@ -164,8 +164,8 @@ resource "oci_core_instance" "vault_instance" {
ssh_authorized_keys = var.public_key
user_data = base64encode(templatefile("${path.module}/startup-script.sh", {
team_name = var.team_name
envector_endpoint = var.envector_endpoint
envector_api_key = var.envector_api_key
runespace_endpoint = var.runespace_endpoint
runespace_token = var.runespace_token
runevault_version = var.runevault_version
}))
}
Expand Down
4 changes: 2 additions & 2 deletions deployment/oci/startup-script.sh
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ done

cat > /etc/profile.d/runevault-installer-env.sh <<'ENVFILE'
export RUNEVAULT_TEAM_NAME='${team_name}'
export RUNEVAULT_ENVECTOR_ENDPOINT='${envector_endpoint}'
export RUNEVAULT_ENVECTOR_API_KEY='${envector_api_key}'
export RUNEVAULT_RUNESPACE_ENDPOINT='${runespace_endpoint}'
export RUNEVAULT_RUNESPACE_TOKEN='${runespace_token}'
ENVFILE
chmod 600 /etc/profile.d/runevault-installer-env.sh
set -a; . /etc/profile.d/runevault-installer-env.sh; set +a
Expand Down
40 changes: 20 additions & 20 deletions docs-public/ARCHITECTURE.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ Rune-Vault is the **infrastructure backbone** for team-shared FHE-encrypted orga
### Core Responsibilities

1. **Key Management**: Generate, store, and protect FHE keys (secret key isolation)
2. **Decryption Service**: Decrypt search results from enVector Cloud
2. **Decryption Service**: Decrypt search results from Runespace
3. **Authentication**: Validate team member access via tokens
4. **Access Control**: Per-user RBAC with role-based top_k limits, scope enforcement, and rate limiting
5. **Audit Logging**: Structured JSON logs for compliance and debugging
Expand All @@ -29,7 +29,7 @@ Rune-Vault is the **infrastructure backbone** for team-shared FHE-encrypted orga
│ MCP tool calls
┌────────────────────────────┐
envector-mcp-server(s) │ ← Scalable
runespace-mcp-server(s) │ ← Scalable
│ (Public Keys only) │
│ │
│ Tools: │
Expand All @@ -42,8 +42,8 @@ Rune-Vault is the **infrastructure backbone** for team-shared FHE-encrypted orga
│ │ (called by remember)
▼ ▼
┌──────────────────────┐ ┌────────────────────────────┐
enVector Cloud(SaaS) │ │ Rune-Vault │
│ https://envector.io │ │ (Your Infrastructure) │
Runespace(SaaS) │ │ Rune-Vault │
│ https://runespace.example.com │ │ (Your Infrastructure) │
│ │ │ │
│ - Encrypted vectors │ │ ┌──────────────────────┐ │
│ - Encrypted │ │ │ FHE Key Manager │ │
Expand All @@ -67,7 +67,7 @@ Rune-Vault is the **infrastructure backbone** for team-shared FHE-encrypted orga
└────────────────────────────┘
```

**Key**: Agents never contact Vault directly. The envector-mcp-server's
**Key**: Agents never contact Vault directly. The runespace-mcp-server's
`remember` tool orchestrates the Vault decryption call as part of its
3-step pipeline. Secret key never leaves Vault.

Expand All @@ -92,7 +92,7 @@ Rune-Vault is the **infrastructure backbone** for team-shared FHE-encrypted orga

**Runtime**:
- Single-binary Go gRPC daemon (`runevault`) — no runtime dependencies beyond TLS
- gRPC server on port 50051 (used by envector-mcp-server)
- gRPC server on port 50051 (used by runespace-mcp-server)
- gRPC health check via `grpc.health.v1` protocol
- Admin Unix domain socket at `/opt/runevault/admin.sock` (mode 0600, vault-user owned)
- Registered as a native systemd unit (`runevault.service`) on Linux or a launchd job (`com.cryptolabinc.runevault`) on macOS
Expand Down Expand Up @@ -127,20 +127,20 @@ Defined in `proto/vault_service.proto` (`rune.vault.v1.VaultService`).

**`GetPublicKey()`**
- Returns: JSON bundle containing EncKey, EvalKey, index_name, key_id, agent_id, agent_dek (per-user derived encryption key)
- Used by: envector-mcp-server at startup
- Used by: runespace-mcp-server at startup
- Auth: Required (validates token + scope check)

**`DecryptScores()`**
- Input: Result ciphertext from encrypted similarity search (base64-serialized)
- Returns: Top-K typed `ScoreEntry` messages (shard_idx, row_idx, score)
- Used by: envector-mcp-server's `remember` pipeline (per search query)
- Used by: runespace-mcp-server's `remember` pipeline (per search query)
- Auth: Required (validates token + scope check)
- Policy: Per-role top_k limit (admin: 50, member: 10). Proto constraint: 1-300 range.

**`DecryptMetadata()`**
- Input: List of AES-encrypted metadata blobs. Each blob is JSON `{"a": "<agent_id>", "c": "<base64_ciphertext>"}`.
- Returns: Decrypted metadata (JSON strings)
- Used by: envector-mcp-server's `remember` pipeline
- Used by: runespace-mcp-server's `remember` pipeline
- Auth: Required (validates token + scope check)
- Vault derives the agent's DEK via HKDF-SHA256 from team secret + agent_id.

Expand Down Expand Up @@ -176,7 +176,7 @@ Custom roles can be created via `runevault role create`.
2. `/opt/runevault/configs/runevault.conf`
3. `./runevault.conf` (cwd, dev only)

Secret YAML fields (`tokens.team_secret`, `envector.api_key`) accept a sibling `*_file` key for KMS-backed deployments.
Secret YAML fields (`tokens.team_secret`, `runespace.token`) accept a sibling `*_file` key for KMS-backed deployments.

### 4. Admin Socket & CLI

Expand Down Expand Up @@ -281,13 +281,13 @@ User: "What decisions did we make about database?"
AI Agent (Claude/Gemini/Codex)
├── 1. Call envector-mcp-server `remember` tool
├── 1. Call runespace-mcp-server `remember` tool
envector-mcp-server (`remember` orchestration)
runespace-mcp-server (`remember` orchestration)
├── 2. Embed query (auto-embedded if text, or accepts vector/JSON)
├── 3. Encrypted similarity scoring on enVector Cloud
├── 3. Encrypted similarity scoring on Runespace
│ → Returns result ciphertext (base64)
├── 4. Call Vault: DecryptScores(token, ciphertext, top_k) via gRPC
Expand All @@ -301,17 +301,17 @@ Vault (gRPC — secret key holder)
├── 8. Return [{index: 42, score: 0.95}, ...]
envector-mcp-server (continued)
runespace-mcp-server (continued)
├── 9. Retrieve metadata for top-k indices from enVector Cloud
├── 9. Retrieve metadata for top-k indices from Runespace
├── 10. Return results to Agent
AI Agent → User: "In Q2 2024, team chose PostgreSQL for JSON support..."
```

**Key**: The Agent never contacts Vault directly. The `remember` tool
in envector-mcp-server orchestrates the entire 3-step pipeline.
in runespace-mcp-server orchestrates the entire 3-step pipeline.
Secret key never leaves Vault.

**`search` vs `remember`**: The `search` tool is for the operator's own
Expand All @@ -325,13 +325,13 @@ indiscriminately decrypting shared vectors.
### Threat Model

**Assumptions**:
- enVector Cloud is **untrusted** (sees only ciphertext)
- Runespace is **untrusted** (sees only ciphertext)
- Network is **untrusted** (TLS required)
- Team members' laptops are **trusted** (Rune runs locally)
- Vault VM is **trusted** (admin controls infrastructure)

**Threats Mitigated**:
1. **Cloud Provider Breach**: enVector Cloud compromise → no plaintext leak (FHE)
1. **Cloud Provider Breach**: Runespace compromise → no plaintext leak (FHE)
2. **Network Eavesdropping**: MITM attacks → TLS encryption
3. **Unauthorized Access**: Non-team members → token authentication
4. **Key Theft**: secret key extraction → architectural isolation (no export API)
Expand Down Expand Up @@ -413,7 +413,7 @@ Cloud Resources Created
```

Common Terraform variables across all CSPs: `team_name`, `tls_mode`,
`envector_endpoint`, `envector_api_key`, `runevault_version`,
`runespace_endpoint`, `runespace_token`, `runevault_version`,
`public_key`, `region`. CSP-specific: `instance_type` (AWS),
`project_id` / `zone` / `machine_type` (GCP), `oci_profile` /
`compartment_id` (OCI). Output: `vault_public_ip`.
Expand Down Expand Up @@ -489,7 +489,7 @@ When to scale:
| `vault/internal/commands` | CLI subcommands (`daemon`, `token`, `role`, `status`, `logs`, `version`) and admin-socket client |
| `vault/internal/server` | gRPC server, config loader, audit logger, admin UDS, `EnsureVault` startup hook, interceptors |
| `vault/internal/tokens` | Per-user RBAC store: tokens, roles, validation, rate limiting, YAML persistence |
| `vault/internal/crypto` | FHE key management + HKDF/AES wrappers around `envector-go-sdk` |
| `vault/internal/crypto` | FHE key management + HKDF/AES wrappers around `runespace-sdk` |
| `vault/internal/tests` | E2E tests gated by build tag `e2e` (decrypt pipeline + CLI smoke) |
| `vault/pkg/vaultpb` | Generated gRPC stubs from `vault/proto/*.proto` |

Expand Down
Loading