- Rust
- Edge AI
- Encryption
- Streaming
- Project Update
TrustEdge Major Update: Envelope Format, Manifest, and Streaming Security¶
August 25, 2025
TrustEdge has taken a big step forward in its journey to build trustable, privacy-preserving edge AI pipelines. This update introduces a real encrypted envelope file format (.trst), per-chunk Ed25519 signatures, robust authenticated metadata (AAD), and a more flexible CLI for encryption, decryption, and key management.
What’s New?¶
- Envelope file format (
.trst): Now includes a stream header (version, header bytes, BLAKE3 hash) and records (sequence, nonce, signed manifest, ciphertext), all bincode-encoded for compactness and speed. - Signed manifest: Each chunk includes a bincode-encoded manifest with version, timestamp, sequence, header and chunk hashes, AI/model provenance fields, and Ed25519 signature/public key bytes for strong provenance and integrity.
- Robust AAD: Each chunk’s AAD is
[header_hash][seq][nonce][manifest_hash], binding metadata and provenance to the ciphertext and preventing tampering/replay. - CLI improvements: New options:
--envelope(write envelope),--decrypt(decrypt/verify envelope),--key-hex(user-supplied key),--key-out(save generated key),--no-plaintext(skip round-tripped plaintext). - Key management: Use a user-supplied 64-char hex key or generate a random key (output to file or stderr for demo/testing).
How it Works¶
- Reads the input file in user-defined chunks.
- For each chunk: constructs a unique nonce, builds AAD, creates and signs a manifest, encrypts with AES-256-GCM, verifies, and writes output.
- Envelope files contain all metadata for real-world use; round-trip output matches input for verification (no header).
Next Steps¶
- Add more tests for serialization, AAD, and round-trip.
- Add logging for chunk/manifest info.
- Continue documenting the file format and streaming pipeline.
If you have experience with streaming encryption, AAD, or manifest design in Rust, feedback is welcome!