LockFS Is Now Stable

Name: LockFS Is Now Stable
Availability: InStock
Author: 0xGhostInAJar

by 0xGhostInAJar·Mar 12, 2026·1 point·1 comment

Visit Project View on HN

AI Analysis

●●SolidNiche GemCozy

Per-file encryption beats vault bundling for expandable encrypted storage.

Strengths

•Individual file encryption avoids vault fragmentation across storage devices
•PGP key fingerprints and signature verification for release authenticity
•Java-based CLI works cross-platform on Linux, Windows, and MacOS

Weaknesses

•Cryptography has not been independently audited per author's own warning
•File encryption space already served by Cryptomator, age, and VeraCrypt

Similar Projects

Security●Mid

LockFS is a flexible file-by-file encryption for secure storage

Encrypts files one-by-one from a single runnable JAR, which is nice for cross-platform use and managing many small vaults without re-archiving. The README clearly explains usage, but there’s no visible discussion of algorithms, key management, integrity guarantees, or threat model — that omission keeps this from standing out in a space already served by mature tools like age/gocryptfs.

Ship ItNiche Gem

0xGhostInAJar

103mo ago

Security●Mid

LockFS

The idea is pleasantly pragmatic: encrypt each file independently so you never have to rewrite a giant container when adding or moving data — that genuinely simplifies backups across mixed storage. The repo feels like an MVP: a runnable jar and clear UX goals, but it omits crucial cryptography details (cipher choices, key derivation, filename/metadata leakage, threat model) and usage examples, so it’s useful in concept but needs more security documentation and benchmarks before I’d trust it with sensitive data.

Niche GemShip It

0xGhostInAJar

343mo ago

Security●●●Banger

DeadSwitch – Encrypted USB vault with dead man's switch

Solves $120B Bitcoin inheritance problem with USB-only, one-time payment model.

Solve My ProblemSlick

chuckgreve

223mo ago

Security●●●Banger

Enveil–Encrypted vault that replaces .env files with runtime injection

Runtime injection bypasses .env files entirely—secrets never touch disk.

Solve My ProblemWizardryShip It

enveil

213mo ago

Security●●Solid

Secure Storage – An offline encrypted vault for iOS

Tidy, privacy-first vault that keeps everything on-device and uses Argon2id + AES-256 with per-field encryption — not just marketing buzz: the copy lists concrete choices like 64 MB memory hardness and biometric key storage in the secure enclave. Features such as camera card scanning, per-vault isolation, and on-demand file decryption are useful for single-device users, but the offline-only stance also limits appeal compared with cross-device managers like 1Password or Bitwarden.

Niche GemSlick

sbis04

114mo ago

Security●●●Banger

AbsentKey E2E encrypted vault that releases secrets when you can't

Timer starts when someone requests access — no false positives from vacation check-in failures.

Solve My ProblemZero to OneCozy

artidokuz

332mo ago