Skip to main content

File Storage

Aberto stores all relevant files in an encrypted format.

Aberto’s Storage Format #

Aberto stores all content as encrypted JSON files. See also our Security Guide .

Content is organized into “Vault” directories which follow the naming scheme <UUID|name>.abvault.
The name is determined by the sync location. Locally and on OneDrive, Aberto uses the chosen Vault name because that’s more user-friendly. Everywhere else the Vault’s UUID is used.

There are 3 types of JSON structures that get stored within a vault:

  • Vault Metadata: e.g. name, ID, …
  • Vault Key “Shares”
  • Credentials: The Vault Entries, e.g. logins, secure notes, …

The ABVault directory structure #

/<UUID|name.abvault>
   ./<UUID>.json -> Vault Metadata (unencrypted)
   ./credentials -> Entries (encrypted)
   ./share -> Vault Key Shares (encrypted)
   ./attachments -> Attachments (encrypted)

JSON structures #

Common fields for all types:

  • id: UUID of the object
  • created: Creation Date (iso8601 Date String)
  • lastUpdated: Date of last update (iso8601 Date String, optional)
  • storageLocationId: UUID of the Vault this object is stored in

Vault Metadata #

This object is stored as plaintext file.

Fields:

  • name: Vault name (String)

Example:

{
  "id" : "6E3B919F-6DB9-4220-909A-9A31EA98CF06",
  "created" : "2023-01-06T22:01:04Z",
  "lastUpdated" : "2023-01-06T22:01:18Z",
  "storageLocationId" : "6E3B919F-6DB9-4220-909A-9A31EA98CF06",
  "name" : "test"
}

Credential #

This object is stored as encrypted file.

Credentials are a super type for different credential types

Common Fields:

  • lastAccessed: Date of last access (iso8601 Date String, optional)
  • tags: See below
  • title: Title of the entry (String)
  • notes: Multiline notes (encrypted string)
  • attachments: See below
  • credentialType: Internal type. One of [“login”, “generic”, “note”]
  • login, generic: The credential type specific content (see below)

Type: Login #

Login credentials support:

  • Key-Value Fields
  • Services (URLs)
  • Tags
  • Attachments
  • Notes

Custom Fields:

  • services: URLs this login is associated with
    • order: unique, ascending order of services (Int)
    • url: Full URL of the service
    • domain: Basic domain. Used for searching & display
  • fields: See below

Example:

{
  "id": "6313E122-4A27-4EFA-A786-37C0FF74154A",
  "lastAccessed": "2023-01-06T22:23:25Z",
  "lastUpdated": "2023-01-06T22:25:45Z",
  "login": {
    "services": [
      {
        "id": "0ABCB9A2-5E7A-4D9D-AEBD-63F09872A44F",
        "order": 0,
        "url": "google.com",
        "domain": "google.com"
      }
    ],
    "fields": [
      {
        "isDeletable": true,
        "id": "74118D34-0ECA-4079-ACDB-E26D3AF5F3DD",
        "order": 0,
        "valueHistory": [],
        "valueEncrypted": null,
        "key": "Username",
        "value": "user",
        "type": 3
      },
      {
        "isDeletable": false,
        "id": "3533515F-C709-49D9-9373-80C0829BF89B",
        "order": 1,
        "valueHistory": [],
        "valueEncrypted": "38f7de252ee8aac5622c991ee7411963b8b6c9caad09da8225ab662b9bda344d3c957b5527b05686128960b47d",
        "key": "Password",
        "value": null,
        "type": 0
      }
    ]
  },
  "tags": [
    {
      "tag": "tag1",
      "id": "8F8ACBB0-A9FC-491D-8CFA-7BC041EEF21B",
      "created": "2023-01-06T22:25:45Z",
      "storageLocationId": "86AB5454-82F8-478F-8443-C8721CBAA5CB",
      "lastUpdated": null
    }
  ],
  "storageLocationId": "5DFE1630-C86E-4DEE-88F6-9972FBE9CFF5",
  "generic": null,
  "title": "New Item",
  "notes": "0ab1664f5d1c3cae2d9283bba76e7486b8db272abc7411940be6cb5122ac76f365",
  "created": "2023-01-06T22:23:25Z",
  "attachments": [],
  "credentialType": "login"
}

Type: Generic #

Generic credentials support:

  • Key-Value Fields
  • Tags
  • Attachments
  • Notes

Custom Fields:

Example:

{
  "id": "6313E122-4A27-4EFA-A786-37C0FF74154A",
  "lastAccessed": "2023-01-06T22:23:25Z",
  "lastUpdated": "2023-01-06T22:25:45Z",
  "generic": {
    "fields": [
      {
        "isDeletable": true,
        "id": "74118D34-0ECA-4079-ACDB-E26D3AF5F3DD",
        "order": 0,
        "valueHistory": [],
        "valueEncrypted": null,
        "key": "Username",
        "value": "user",
        "type": 3
      },
      {
        "isDeletable": false,
        "id": "3533515F-C709-49D9-9373-80C0829BF89B",
        "order": 1,
        "valueHistory": [],
        "valueEncrypted": "38f7de252ee8aac5622c991ee7411963b8b6c9caad09da8225ab662b9bda344d3c957b5527b05686128960b47d",
        "key": "Password",
        "value": null,
        "type": 0
      }
    ]
  },
  "tags": [
    {
      "tag": "tag1",
      "id": "8F8ACBB0-A9FC-491D-8CFA-7BC041EEF21B",
      "created": "2023-01-06T22:25:45Z",
      "storageLocationId": "86AB5454-82F8-478F-8443-C8721CBAA5CB",
      "lastUpdated": null
    }
  ],
  "storageLocationId": "5DFE1630-C86E-4DEE-88F6-9972FBE9CFF5",
  "login": null,
  "title": "New Item",
  "notes": "0ab1664f5d1c3cae2d9283bba76e7486b8db272abc7411940be6cb5122ac76f365",
  "created": "2023-01-06T22:23:25Z",
  "attachments": [],
  "credentialType": "generic"
}

Type: Note #

Note credentials support:

  • Tags
  • Attachments
  • Notes

Custom Fields:

  • None

Example:

{
  "id": "6313E122-4A27-4EFA-A786-37C0FF74154A",
  "lastAccessed": "2023-01-06T22:23:25Z",
  "lastUpdated": "2023-01-06T22:25:45Z",
  "generic": null,
  "tags": [
    {
      "tag": "tag1",
      "id": "8F8ACBB0-A9FC-491D-8CFA-7BC041EEF21B",
      "created": "2023-01-06T22:25:45Z",
      "storageLocationId": "86AB5454-82F8-478F-8443-C8721CBAA5CB",
      "lastUpdated": null
    }
  ],
  "storageLocationId": "5DFE1630-C86E-4DEE-88F6-9972FBE9CFF5",
  "login": null,
  "title": "New Item",
  "notes": "0ab1664f5d1c3cae2d9283bba76e7486b8db272abc7411940be6cb5122ac76f365",
  "created": "2023-01-06T22:23:25Z",
  "attachments": [],
  "credentialType": "note"
}

Fields #

Key-Value fields. Depending on the field type, the values are double encrypted (file-level and field-level) or only file-encrypted

Fields:

  • isDeletable: Internal field used to protect certain fields
  • order: unique, ascending order of fields (Int)
  • valueHistory: Historical values for a field
    • created: Creation Date of this value (iso8601 Date String)
    • value: Unencrypted value (String, optional)
    • valueEncrypted: Encrypted value (Base64 String, optional)
  • key: Unique Key (String)
  • value: Unencrypted value (String, optional)
  • valueEncrypted: Encrypted value (Base64 String, optional)
  • type: Field type. One of
    • 0: password (encrypted)
    • 1: text (unencrypted)
    • 2: pin (encrypted)
    • 3: username (unencrypted)
    • 4: textSecret (encrypted)
    • 5: totp (encrypted)
    • 6: url (unencrypted)
    • 7: date (unencrypted)
    • 8: hidden (unencrypted)

Attachments #

References to attachments. The (encrypted) files are stored within the vault directory.

Fields:

  • path: Internal storage location within the vault (String)
  • originalFileName: file name of the original file as it was uploaded (String)
  • size: Size in bytes. Used for internal sanity checks (Int64)
  • order: unique, ascending order of files (Int)

Example:

{
  "lastUpdated": "2018-06-22T18:43:37Z",
  "id": "E11DAC4E-FC85-4EB0-83A4-0061EB0ED4DE",
  "order": 0,
  "size": 22465,
  "created": "2018-06-22T18:43:34Z",
  "path": "attachments/E11DAC4E-FC85-4EB0-83A4-0061EB0ED4DE.abenc",
  "originalFileName": "Screen Shot 2014-07-05 at 9.54.21 PM.png"
}

Tags #

References to tags. Tags are not synced but recreated on device. This way, each device can have their own set of linked credentials for the same tag.

Fields:

  • tag: The tag string. Has to be unique (String)

Example:

{
  "tag": "tag1",
  "id": "8F8ACBB0-A9FC-491D-8CFA-7BC041EEF21B",
  "created": "2023-01-06T22:25:45Z",
  "storageLocationId": "86AB5454-82F8-478F-8443-C8721CBAA5CB",
  "lastUpdated": null
}