What is Sietch?

Sietch is a decentralized, encrypted vault system for operating in hostile, degraded, or disconnected environments. It’s built for when the internet burns, surveillance tightens, and movement gets risky. Sync data securely across machines—LAN, sneakernet, weak WiFi—without the cloud, without authorities watching.

Why Sietch?

Sietch was created for situations where:

  • Internet is scarce, censored, or unreliable
  • Data privacy is a necessity, not a feature
  • You’re mobile, semi-offline, or operating in contested spaces
Sietch imagines what a file system would look like in a world more like Arrakis than San Francisco.

Key Features

FeatureDescription
Decentralized VaultsSelf-contained, encrypted vaults that sync over LAN, sneakernet (USB drives), or weak WiFi
Offline-FirstWorks fully offline; no dependency on central servers or cloud infrastructure
Strong EncryptionFiles are chunked and encrypted using AES-256-GCM or GPG-compatible keys
Peer-to-Peer SyncRsync-style syncing over TCP or LibP2P, transferring only missing or changed chunks
Gossip DiscoveryLightweight peer discovery protocol for LAN environments
CLI-First UXFast, minimal CLI to manage vaults and syncs
ResilienceSurvives censorship, outages, and surveillance; portable and airgap-friendly

How Does It Work?

  • Vaults:
    Portable encrypted containers: internal keys, chunked storage, encrypted manifest. Treat vaults as tactical units—self-sufficient, deniable.
  • Chunking & Deduplication:
    Files are split into 4MB chunks by default. Identical chunks are deduplicated—store once, sync smarter.
  • Encryption:
    Each chunk encrypted at rest. Options: 1.Symmetric passphrase (AES-256-GCM) 2. Asymmetric GPG-compatible keypair
  • Peer Discovery:
    Vaults discover peers over LAN via UDP gossip. Or whitelist IPs manually. Future: QR-code exchange for airgapped ops.
  • Syncing:
    Only changed/missing chunks are synced, using rsync-inspired delta transfer over secure TCP with optional compression.
  • Manifest:
    Vault metadata is a Merkle DAG: 1.Verifiable integrity 2.Tamper detection 3.Partial recovery from damaged vaults

Who is Sietch For?

  • Investigative journalists protecting sources and evidence
  • Sysadmins and security engineers backing up credentials and configs
  • Human rights defenders sharing sensitive material across trust networks
  • Anyone who needs resilient, private, and portable data storage
Survival-first, not cloud-first!
Edit this page on GitHub
Table of Contents