{
  "schemaVersion": 1,
  "gitSha": "unknown",
  "gitShaShort": "unknown",
  "builtAt": "2026-04-20T14:55:11.141Z",
  "node": "v20.18.1",
  "pkg": {
    "name": "1kq",
    "version": "0.1.0"
  },
  "clientCrypto": [
    {
      "path": "src/lib/crypto/primitives.ts",
      "sha256": "71119846d08ff16d1cbab279f2effcad73149759712a1f876f6a852861faeec2",
      "purpose": "Low-level XChaCha20-Poly1305, HKDF, and Argon2id wrappers from @noble/* — the only place we call the underlying ciphers."
    },
    {
      "path": "src/lib/crypto/master-key.ts",
      "sha256": "6e48ed9dce8497e30f5225b136bf237ab065e4820294681a7a283d1f35d84f0f",
      "purpose": "Server-side master-key envelope shape + Argon2id parameters. Pure functions; no IO."
    },
    {
      "path": "src/lib/crypto/master-key-client.ts",
      "sha256": "5ef123123bd0bde9bf39ddd020aa9697253c2ed704c7dd749999ee6c1de0e576",
      "purpose": "In-browser master-key derivation: passphrase + salt → MK, no network round-trip."
    },
    {
      "path": "src/lib/crypto/key-store.ts",
      "sha256": "f6cde42e129b219e5a8ef95a5f4509c2184cf39ec1f87efbc960c2834efc7226",
      "purpose": "In-memory MK holder with idle-timeout and visibility-change auto-lock. The MK never reaches localStorage."
    },
    {
      "path": "src/lib/crypto/envelope.ts",
      "sha256": "ca89cff560dff38490950adf451c88a93531993fbe123346089632c8a9675af7",
      "purpose": "Encrypt/decrypt one envelope: per-row DEK is wrapped under MK; AAD binds the row's identifying metadata to the ciphertext."
    },
    {
      "path": "src/lib/crypto/envelope-kinds.ts",
      "sha256": "827d85c0ecf3103f601b498bb0b1d2d2f563655b55ef727759658fe428073a52",
      "purpose": "Typed AAD shapes for every encrypted column (chat content, session titles, questionnaire answers, self-report). Tampering fails on the client because AAD is bound to ciphertext."
    },
    {
      "path": "src/lib/crypto/webauthn-prf.ts",
      "sha256": "8fdf7dfc4efc6642ff50edc074ff3e6521abfe09b282d2c854478c1cb0cf8590",
      "purpose": "Browser ceremony shim that runs the WebAuthn PRF extension and returns 32 bytes of high-entropy material bound to a passkey, used to wrap the master key without a passphrase."
    },
    {
      "path": "src/lib/crypto/rotation.ts",
      "sha256": "fbc590457cb89bdc4b0cd70e51bfee4c24cb41192b321994d927a8468f592f28",
      "purpose": "Pure-client passphrase rotation: re-wraps the same master key under a fresh KEK derived from a new passphrase. Per-row DEKs are untouched."
    }
  ]
}