Archived open-source studio work · v6.2 OBSIDIAN

Local-only
desktop file
encryption.

CRYpT encrypts files on your machine with a 14-cipher AEAD cascade and double Argon2id key derivation. Open source under MIT. No cloud, no key escrow, no telemetry. The studio shipped it, learned what local-only privacy primitives feel like, then moved that thinking into VIGIL's on-prem story.

Download for Windows GitHub repository

[ inside the cascade ]

14 ciphers. One file. No single point of failure.

LAYER_01 · AEAD CASCADE

Five primary ciphers

AES-256-GCM, ChaCha20-Poly1305, Serpent, Twofish, Camellia. Each layer authenticated. Compromising any one cipher leaves the cascade intact.

LAYER_02 · FEISTEL

192-round network

Custom 192-round Feistel network across the remaining nine block functions. Diffusion well past standard cryptanalysis budgets.

LAYER_03 · KDF

Double Argon2id

Memory-hard, tunable cost. Two independent Argon2id passes with separate salts. Brute-force assumes you have the passphrase already.

[ why archived ]

Privacy is
an architecture,
not a feature.

CRYpT was the studio's argument that local-only encryption should be the default, not the premium tier. Free for the entire base feature set; the Pro tier ($14, one-time) adds batch encryption and metadata wiping. The codebase stays open under MIT.

The studio doesn't actively develop CRYpT anymore. The architectural lesson (no cloud, no escrow, local-first by default) carried over into VIGIL's desktop mode. If you want to use CRYpT, download it; if you want to maintain it, fork it.

Local-only desktop file encryption.