clawkeep 0.2.5 → 0.2.6

package/README.md

@@ -109,7 +109,35 @@ Your backup target receives **encrypted chunks only**. No metadata. No history.
 |---|---|---|
 | **Local path** | ✅ Available | Any mounted folder — NAS, USB drive, network share |
 | **S3 / R2** | ✅ Available | Object storage (Cloudflare R2, AWS S3, MinIO, Backblaze B2, Wasabi) |
-| **ClawKeep Cloud** | 🔜 Coming soon | Managed zero-knowledge backup |
+| **ClawKeep Cloud** | ✅ Available | Managed zero-knowledge backup with browser-based setup |
+
+### ClawKeep Cloud Setup
+
+The easiest way to get started. Your encryption password is set in the browser — **the CLI never sees it**.
+
+```bash
+# Connect to ClawKeep Cloud
+clawkeep cloud setup
+
+# Opens browser → log in → set your encryption password
+# CLI receives only the encrypted key material, never the password
+```
+
+```
+✔ Authorization received
+✓ Connected to ClawKeep Cloud
+  Workspace ws_01abc123...
+
+What's next:
+  $ clawkeep watch --sync --daemon
+```
+
+**Security:** The encryption key is derived in your browser. Your plaintext password never leaves the browser, never hits our API, and the CLI never sees it. We store only encrypted chunks — true zero-knowledge.
+
+```bash
+# Start auto-syncing (no password in environment needed!)
+clawkeep watch --sync --daemon
+```
 
 ### S3 / R2 Setup
 
@@ -188,11 +216,25 @@ clawkeep watch --daemon
 clawkeep watch --stop
 
 # Auto-sync to backup target after each change
-clawkeep watch --daemon --push
+clawkeep watch --sync --daemon
 ```
 
 Smart debouncing, stability detection, configurable ignore patterns. Your files are continuously protected.
 
+### 🔑 Keyless Daemon
+
+When using ClawKeep Cloud, the watch daemon **doesn't need your password in the environment**. The encrypted key material is stored locally during `cloud setup` — the daemon uses it automatically.
+
+```bash
+# No CLAWKEEP_PASSWORD needed!
+clawkeep watch --sync --daemon
+
+# Works with PM2, systemd, or any process manager
+pm2 start "clawkeep watch --sync" --name clawkeep-watch
+```
+
+For local/S3 targets, run `clawkeep backup set-password` once to store the encrypted key material, then the daemon works the same way.
+
 ## Time-Travel Restore
 
 Go back to any point in time. Your current state is preserved — nothing is ever lost.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawkeep",
-  "version": "0.2.5",
+  "version": "0.2.6",
   "description": "Private, encrypted backups with time-travel restore. Zero-knowledge protection for AI agents, configs, and everything you care about.",
   "main": "src/index.js",
   "bin": {

package/src/commands/backup.js

@@ -166,7 +166,8 @@ async function doSetPassword(bm, opts) {
   try {
     bm.setPassword(password);
     spinner.succeed('Encryption password set');
-    console.log(chalk.dim('  Password hash stored (password itself is never saved)'));
+    console.log(chalk.dim('  Password hash + wrapped key stored (password itself is never saved)'));
+    console.log(chalk.dim('  Keyless sync enabled — no CLAWKEEP_PASSWORD needed for daemon'));
   } catch (err) {
     spinner.fail('Failed to set password');
     console.error(chalk.red('  ' + err.message));
@@ -179,9 +180,10 @@ async function doSync(bm, opts) {
   const needsPassword = cfg.target === 'local' || cfg.target === 's3' || cfg.target === 'cloud';
   const password = needsPassword ? getPassword(opts) : null;
 
-  if (needsPassword && !password) {
+  if (needsPassword && !password && !cfg.wrappedKeySet) {
     console.error(chalk.red('  Password required for encrypted sync.'));
     console.error(chalk.dim('  Use: CLAWKEEP_PASSWORD=xxx clawkeep backup sync'));
+    console.error(chalk.dim('  Or run `clawkeep backup set-password` first for keyless sync.'));
     process.exit(1);
   }
 
@@ -234,10 +236,12 @@ async function doTest(bm) {
 }
 
 async function doCompact(bm, opts) {
+  const cfg = bm.getConfig();
   const password = getPassword(opts);
-  if (!password) {
+  if (!password && !cfg.wrappedKeySet) {
     console.error(chalk.red('  Password required for compact.'));
     console.error(chalk.dim('  Use: CLAWKEEP_PASSWORD=xxx clawkeep backup compact'));
+    console.error(chalk.dim('  Or run `clawkeep backup set-password` first for keyless compact.'));
     process.exit(1);
   }
 

package/src/commands/cloud.js

@@ -184,6 +184,15 @@ async function doBrowserSetup(dir, webUrl, apiUrl, opts) {
     const bm = new BackupManager(claw);
     await bm.setTarget('cloud', { workspace: result.workspace_id, endpoint: apiUrl });
 
+    // Store wrappedKey + passwordHash if browser derived them
+    if (result.wrapped_key && result.password_hash) {
+      const config = claw.loadConfig();
+      if (!config.backup) config.backup = {};
+      config.backup.passwordHash = result.password_hash;
+      config.backup.wrappedKey = result.wrapped_key;
+      claw.saveConfig(config);
+    }
+
     const password = opts.password || process.env.CLAWKEEP_PASSWORD;
     if (password && !bm.hasPassword()) {
       bm.setPassword(password);
@@ -198,7 +207,7 @@ async function doBrowserSetup(dir, webUrl, apiUrl, opts) {
     console.log(`  ${chalk.dim('Workspace')}  ${result.workspace_id}`);
     console.log('');
 
-    // Show what's next
+    // Show what's next (skip password step if wrappedKey was received from browser)
     showNextSteps(bm, opts);
 
     // Auto-start watcher if --watch

package/src/core/backup.js

@@ -3,7 +3,7 @@
 const path = require('path');
 const fs = require('fs');
 const crypto = require('crypto');
-const { hashPassword, verifyPassword } = require('./sync-crypto');
+const { hashPassword, verifyPassword, deriveEncryptionKey, wrapKey, unwrapKey } = require('./sync-crypto');
 const { createTransport, LocalTransport } = require('./transport');
 const SyncManager = require('./sync');
 
@@ -43,18 +43,21 @@ class BackupManager {
       cloud: backup.cloud || null,
       s3: backup.s3 || null,
       passwordSet: !!backup.passwordHash,
+      wrappedKeySet: !!backup.wrappedKey,
       workspaceId: backup.workspaceId || null,
       chunkCount: backup.chunkCount || 0,
       lastSyncCommit: backup.lastSyncCommit || null,
     };
   }
 
-  /** Set encryption password (stores hash only) */
+  /** Set encryption password (stores hash + wrappedKey) */
   setPassword(password) {
     if (!password) throw new Error('Password is required');
     const config = this.claw.loadConfig();
     if (!config.backup) config.backup = {};
     config.backup.passwordHash = hashPassword(password);
+    const encKey = deriveEncryptionKey(password);
+    config.backup.wrappedKey = wrapKey(encKey, config.backup.passwordHash);
     this.claw.saveConfig(config);
   }
 
@@ -72,6 +75,28 @@ class BackupManager {
     return verifyPassword(password, hash);
   }
 
+  /**
+   * Resolve encryption credential from config or explicit password.
+   * Returns { encryptionKey } (keyless/CK02) or { password } (legacy/CK01).
+   */
+  _resolveCredential(password) {
+    const config = this.claw.loadConfig();
+    const backup = config.backup || {};
+
+    // Priority 1: wrappedKey exists → unwrap it (keyless mode)
+    if (backup.wrappedKey && backup.passwordHash) {
+      const key = unwrapKey(backup.wrappedKey, backup.passwordHash);
+      return { encryptionKey: key };
+    }
+
+    // Priority 2: explicit password → use directly (legacy / restore)
+    if (password) {
+      return { password };
+    }
+
+    throw new Error('No encryption credential available. Run: clawkeep backup set-password');
+  }
+
   /** Set backup target */
   async setTarget(type, options = {}) {
     const config = this.claw.loadConfig();
@@ -131,7 +156,7 @@ class BackupManager {
     return this.getConfig();
   }
 
-  /** Sync to backup target */
+  /** Sync to backup target (password optional if wrappedKey exists) */
   async sync(password) {
     const config = this.claw.loadConfig();
     const backup = config.backup || {};
@@ -143,9 +168,9 @@ class BackupManager {
     let transport;
     if (target === 'local' || target === 's3' || target === 'cloud') {
       // Encrypted incremental sync (local, S3, or cloud)
-      if (!password) throw new Error('Password required for encrypted sync');
+      const credential = this._resolveCredential(password);
       transport = createTransport(backup, this.claw);
-      const sm = new SyncManager(this.claw, transport, password);
+      const sm = new SyncManager(this.claw, transport, credential);
       result = await sm.sync();
     } else if (target === 'git') {
       await this.claw.push();
@@ -244,25 +269,25 @@ class BackupManager {
     return { ok: false, message: 'Unknown target: ' + target };
   }
 
-  /** Compact chunks into single full bundle */
+  /** Compact chunks into single full bundle (password optional if wrappedKey exists) */
   async compact(password) {
     const config = this.claw.loadConfig();
     const backup = config.backup || {};
     if (backup.target !== 'local' && backup.target !== 's3' && backup.target !== 'cloud') {
       throw new Error('Compact only supported for local, s3, and cloud targets');
     }
-    if (!password) throw new Error('Password required for compact');
 
+    const credential = this._resolveCredential(password);
     const transport = createTransport(backup, this.claw);
-    const sm = new SyncManager(this.claw, transport, password);
+    const sm = new SyncManager(this.claw, transport, credential);
     return await sm.compact();
   }
 
-  /** Get sync status (chunk count, sizes, etc.) */
+  /** Get sync status (chunk count, sizes, etc.) — password optional if wrappedKey exists */
   async getSyncStatus(password) {
     const config = this.claw.loadConfig();
     const backup = config.backup || {};
-    if ((backup.target !== 'local' && backup.target !== 's3' && backup.target !== 'cloud') || !password) {
+    if (backup.target !== 'local' && backup.target !== 's3' && backup.target !== 'cloud') {
       return {
         synced: false,
         chunkCount: backup.chunkCount || 0,
@@ -271,8 +296,9 @@ class BackupManager {
     }
 
     try {
+      const credential = this._resolveCredential(password);
       const transport = createTransport(backup, this.claw);
-      const sm = new SyncManager(this.claw, transport, password);
+      const sm = new SyncManager(this.claw, transport, credential);
       return await sm.getStatus();
     } catch {
       return {
@@ -299,7 +325,7 @@ class BackupManager {
     const parentDir = path.dirname(sourcePath);
     const transport = new LocalTransport(parentDir);
 
-    return await SyncManager.restoreFrom(transport, workspaceId, password, destDir);
+    return await SyncManager.restoreFrom(transport, workspaceId, { password }, destDir);
   }
 }
 

package/src/core/sync-crypto.js

@@ -2,13 +2,15 @@
 
 const crypto = require('crypto');
 
-const MAGIC = Buffer.from('CK01');
+const MAGIC_CK01 = Buffer.from('CK01');
+const MAGIC_CK02 = Buffer.from('CK02');
 const SALT_LENGTH = 32;
 const NONCE_LENGTH = 12;
 const KEY_LENGTH = 32;
 const TAG_LENGTH = 16;
 const ALGORITHM = 'aes-256-gcm';
-const HEADER_LENGTH = MAGIC.length + SALT_LENGTH + NONCE_LENGTH; // 4 + 32 + 12 = 48
+const CK01_HEADER_LENGTH = MAGIC_CK01.length + SALT_LENGTH + NONCE_LENGTH; // 4 + 32 + 12 = 48
+const CK02_HEADER_LENGTH = MAGIC_CK02.length + NONCE_LENGTH; // 4 + 12 = 16
 
 /**
  * Derive encryption key from password using scrypt.
@@ -18,8 +20,8 @@ function deriveKey(password, salt) {
 }
 
 /**
- * Encrypt a buffer using AES-256-GCM.
- * Output format: [4B magic "CK01"][32B salt][12B nonce][NB ciphertext][16B auth tag]
+ * Encrypt a buffer using AES-256-GCM (CK01 format — password-based).
+ * Output format: [4B "CK01"][32B salt][12B nonce][NB ciphertext][16B auth tag]
  */
 function encryptChunk(buffer, password) {
   const salt = crypto.randomBytes(SALT_LENGTH);
@@ -30,39 +32,127 @@ function encryptChunk(buffer, password) {
   const encrypted = Buffer.concat([cipher.update(buffer), cipher.final()]);
   const tag = cipher.getAuthTag();
 
-  return Buffer.concat([MAGIC, salt, nonce, encrypted, tag]);
+  return Buffer.concat([MAGIC_CK01, salt, nonce, encrypted, tag]);
 }
 
 /**
- * Decrypt a CK01-format encrypted buffer.
- * Returns the decrypted plaintext buffer.
+ * Encrypt a buffer using AES-256-GCM with a pre-derived key (CK02 format).
+ * Output format: [4B "CK02"][12B nonce][NB ciphertext][16B auth tag]
+ * Much faster than CK01 — no per-chunk scrypt.
  */
-function decryptChunk(encBuffer, password) {
-  if (encBuffer.length < HEADER_LENGTH + TAG_LENGTH) {
+function encryptChunkWithKey(buffer, key) {
+  const nonce = crypto.randomBytes(NONCE_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, nonce);
+  const encrypted = Buffer.concat([cipher.update(buffer), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return Buffer.concat([MAGIC_CK02, nonce, encrypted, tag]);
+}
+
+/**
+ * Decrypt an encrypted buffer. Auto-detects CK01 vs CK02 format.
+ * @param {Buffer} encBuffer - Encrypted chunk
+ * @param {string|null} password - Password for CK01 chunks (null OK if CK02 + key)
+ * @param {Buffer|null} key - Pre-derived key for CK02 chunks (null OK if CK01 + password)
+ */
+function decryptChunk(encBuffer, password, key) {
+  if (encBuffer.length < CK02_HEADER_LENGTH + TAG_LENGTH) {
     throw new Error('Invalid chunk: too small');
   }
 
   const magic = encBuffer.subarray(0, 4);
-  if (!magic.equals(MAGIC)) {
-    throw new Error('Invalid chunk: bad magic (expected CK01)');
+
+  if (magic.equals(MAGIC_CK02)) {
+    if (!key) throw new Error('CK02 chunk requires an encryption key (not a password)');
+    return decryptChunkWithKey(encBuffer, key);
   }
 
-  const salt = encBuffer.subarray(4, 4 + SALT_LENGTH);
-  const nonce = encBuffer.subarray(4 + SALT_LENGTH, HEADER_LENGTH);
-  const ciphertext = encBuffer.subarray(HEADER_LENGTH, encBuffer.length - TAG_LENGTH);
+  if (magic.equals(MAGIC_CK01)) {
+    if (!password) throw new Error('CK01 chunk requires a password');
+    if (encBuffer.length < CK01_HEADER_LENGTH + TAG_LENGTH) {
+      throw new Error('Invalid CK01 chunk: too small');
+    }
+    const salt = encBuffer.subarray(4, 4 + SALT_LENGTH);
+    const nonce = encBuffer.subarray(4 + SALT_LENGTH, CK01_HEADER_LENGTH);
+    const ciphertext = encBuffer.subarray(CK01_HEADER_LENGTH, encBuffer.length - TAG_LENGTH);
+    const tag = encBuffer.subarray(encBuffer.length - TAG_LENGTH);
+
+    const derivedKey = deriveKey(password, salt);
+    const decipher = crypto.createDecipheriv(ALGORITHM, derivedKey, nonce);
+    decipher.setAuthTag(tag);
+
+    try {
+      return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+    } catch (e) {
+      throw new Error('Decryption failed — wrong password or corrupted chunk');
+    }
+  }
+
+  throw new Error('Invalid chunk: unknown magic bytes');
+}
+
+/**
+ * Decrypt a CK02-format buffer with a pre-derived key.
+ */
+function decryptChunkWithKey(encBuffer, key) {
+  const nonce = encBuffer.subarray(4, 4 + NONCE_LENGTH);
   const tag = encBuffer.subarray(encBuffer.length - TAG_LENGTH);
+  const ciphertext = encBuffer.subarray(CK02_HEADER_LENGTH, encBuffer.length - TAG_LENGTH);
 
-  const key = deriveKey(password, salt);
   const decipher = crypto.createDecipheriv(ALGORITHM, key, nonce);
   decipher.setAuthTag(tag);
 
   try {
     return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
   } catch (e) {
-    throw new Error('Decryption failed — wrong password or corrupted chunk');
+    throw new Error('Decryption failed — wrong key or corrupted chunk');
   }
 }
 
+/**
+ * Derive a deterministic encryption key from a password using HKDF-SHA256.
+ * This key is stored wrapped in config, so the daemon doesn't need the password.
+ */
+function deriveEncryptionKey(password) {
+  // HKDF extract: PRK = HMAC-SHA256(salt, IKM)
+  const prk = crypto.createHmac('sha256', 'clawkeep').update(password).digest();
+  // HKDF expand: OKM = HMAC-SHA256(PRK, info || 0x01)
+  const info = Buffer.from('clawkeep-encryption');
+  const t = crypto.createHmac('sha256', prk).update(Buffer.concat([info, Buffer.from([1])])).digest();
+  return t.subarray(0, 32);
+}
+
+/**
+ * Wrap an encryption key using AES-256-GCM with the password hash as wrapping key.
+ * @param {Buffer} encryptionKey - The key to wrap
+ * @param {string} passwordHash - "$scrypt$<salt-hex>$<hash-hex>" format
+ * @returns {string} Base64-encoded wrapped key: [12B nonce][encrypted][16B tag]
+ */
+function wrapKey(encryptionKey, passwordHash) {
+  const hashBytes = Buffer.from(passwordHash.split('$')[3], 'hex');
+  const nonce = crypto.randomBytes(NONCE_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, hashBytes, nonce);
+  const enc = Buffer.concat([cipher.update(encryptionKey), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return Buffer.concat([nonce, enc, tag]).toString('base64');
+}
+
+/**
+ * Unwrap an encryption key using AES-256-GCM with the password hash.
+ * @param {string} wrappedKeyB64 - Base64-encoded wrapped key
+ * @param {string} passwordHash - "$scrypt$<salt-hex>$<hash-hex>" format
+ * @returns {Buffer} The unwrapped 32-byte encryption key
+ */
+function unwrapKey(wrappedKeyB64, passwordHash) {
+  const hashBytes = Buffer.from(passwordHash.split('$')[3], 'hex');
+  const buf = Buffer.from(wrappedKeyB64, 'base64');
+  const nonce = buf.subarray(0, NONCE_LENGTH);
+  const tag = buf.subarray(buf.length - TAG_LENGTH);
+  const enc = buf.subarray(NONCE_LENGTH, buf.length - TAG_LENGTH);
+  const decipher = crypto.createDecipheriv(ALGORITHM, hashBytes, nonce);
+  decipher.setAuthTag(tag);
+  return Buffer.concat([decipher.update(enc), decipher.final()]);
+}
+
 /**
  * Hash a password for storage (verification only, not the password itself).
  * Format: $scrypt$<salt-hex>$<hash-hex>
@@ -87,4 +177,14 @@ function verifyPassword(password, storedHash) {
   return crypto.timingEqual(derived, expected);
 }
 
-module.exports = { encryptChunk, decryptChunk, hashPassword, verifyPassword };
+module.exports = {
+  encryptChunk,
+  encryptChunkWithKey,
+  decryptChunk,
+  decryptChunkWithKey,
+  deriveEncryptionKey,
+  wrapKey,
+  unwrapKey,
+  hashPassword,
+  verifyPassword,
+};

package/src/core/sync.js

@@ -4,19 +4,28 @@ const crypto = require('crypto');
 const path = require('path');
 const fs = require('fs');
 const os = require('os');
-const { encryptChunk, decryptChunk } = require('./sync-crypto');
+const { encryptChunk, encryptChunkWithKey, decryptChunk } = require('./sync-crypto');
 
 /**
  * SyncManager — manages encrypted incremental chunk-based sync.
  *
  * Handles manifest management, git bundle creation, incremental logic,
  * restore from backup, and compaction.
+ *
+ * Accepts a credential object: { password } for CK01 or { encryptionKey } for CK02.
  */
 class SyncManager {
-  constructor(clawGit, transport, password) {
+  constructor(clawGit, transport, credential) {
     this.claw = clawGit;
     this.transport = transport;
-    this.password = password;
+    // credential: { password } OR { encryptionKey: Buffer }
+    if (credential.encryptionKey) {
+      this.encryptionKey = credential.encryptionKey;
+      this.password = null;
+    } else {
+      this.password = credential.password;
+      this.encryptionKey = null;
+    }
   }
 
   /**
@@ -44,6 +53,23 @@ class SyncManager {
     return 'chunk-' + String(num).padStart(6, '0') + '.enc';
   }
 
+  /**
+   * Encrypt a buffer using the appropriate method (CK02 if key, CK01 if password).
+   */
+  _encrypt(buffer) {
+    if (this.encryptionKey) {
+      return encryptChunkWithKey(buffer, this.encryptionKey);
+    }
+    return encryptChunk(buffer, this.password);
+  }
+
+  /**
+   * Decrypt a buffer. Handles CK01 and CK02 auto-detection.
+   */
+  _decrypt(encBuffer) {
+    return decryptChunk(encBuffer, this.password, this.encryptionKey);
+  }
+
   /**
    * Read and decrypt manifest from remote. Returns null if not found.
    */
@@ -53,7 +79,7 @@ class SyncManager {
     if (!exists) return null;
 
     const encData = await this.transport.readFile(manifestPath);
-    const data = decryptChunk(encData, this.password);
+    const data = this._decrypt(encData);
     return JSON.parse(data.toString('utf8'));
   }
 
@@ -62,7 +88,7 @@ class SyncManager {
    */
   async _writeManifest(workspaceId, manifest) {
     const data = Buffer.from(JSON.stringify(manifest, null, 2), 'utf8');
-    const encrypted = encryptChunk(data, this.password);
+    const encrypted = this._encrypt(data);
     await this.transport.writeFile(workspaceId + '/manifest.enc', encrypted);
   }
 
@@ -173,7 +199,7 @@ class SyncManager {
     // Encrypt and write chunk
     const chunkNum = manifest.chunks.length + 1;
     const chunkId = this._chunkName(chunkNum);
-    const encrypted = encryptChunk(bundleBuffer, this.password);
+    const encrypted = this._encrypt(bundleBuffer);
     await this.transport.writeFile(workspaceId + '/' + chunkId, encrypted);
 
     // Count commits in this chunk
@@ -227,7 +253,7 @@ class SyncManager {
       const bundlePaths = [];
       for (const chunk of manifest.chunks) {
         const encData = await this.transport.readFile(workspaceId + '/' + chunk.id);
-        const bundle = decryptChunk(encData, this.password);
+        const bundle = this._decrypt(encData);
         const bundlePath = path.join(tmpDir, chunk.id.replace('.enc', '.bundle'));
         fs.writeFileSync(bundlePath, bundle);
         bundlePaths.push(bundlePath);
@@ -262,11 +288,15 @@ class SyncManager {
   /**
    * Static restore: restore from a backup path without needing an initialized repo.
    * Used when restoring to a brand new directory.
+   * @param {object} credential - { password } or { encryptionKey }
    */
-  static async restoreFrom(transport, workspaceId, password, destDir) {
+  static async restoreFrom(transport, workspaceId, credential, destDir) {
+    const password = credential.password || null;
+    const key = credential.encryptionKey || null;
+
     const manifestPath = workspaceId + '/manifest.enc';
     const encManifest = await transport.readFile(manifestPath);
-    const manifest = JSON.parse(decryptChunk(encManifest, password).toString('utf8'));
+    const manifest = JSON.parse(decryptChunk(encManifest, password, key).toString('utf8'));
 
     if (!manifest.chunks.length) throw new Error('Backup has no chunks');
 
@@ -278,7 +308,7 @@ class SyncManager {
       const bundlePaths = [];
       for (const chunk of manifest.chunks) {
         const encData = await transport.readFile(workspaceId + '/' + chunk.id);
-        const bundle = decryptChunk(encData, password);
+        const bundle = decryptChunk(encData, password, key);
         const bundlePath = path.join(tmpDir, chunk.id.replace('.enc', '.bundle'));
         fs.writeFileSync(bundlePath, bundle);
         bundlePaths.push(bundlePath);
@@ -324,7 +354,7 @@ class SyncManager {
       const bundlePaths = [];
       for (const chunk of manifest.chunks) {
         const encData = await this.transport.readFile(workspaceId + '/' + chunk.id);
-        const bundle = decryptChunk(encData, this.password);
+        const bundle = this._decrypt(encData);
         const bundlePath = path.join(tmpDir, chunk.id.replace('.enc', '.bundle'));
         fs.writeFileSync(bundlePath, bundle);
         bundlePaths.push(bundlePath);
@@ -351,7 +381,7 @@ class SyncManager {
       }
 
       // Encrypt and write new full chunk
-      const encrypted = encryptChunk(fullBundleBuffer, this.password);
+      const encrypted = this._encrypt(fullBundleBuffer);
       const newChunkId = this._chunkName(1);
       await this.transport.writeFile(workspaceId + '/' + newChunkId, encrypted);