User-friendly format notes

OzCrypt package and template formats

These notes describe what each local format is for, what stays public, and what must never be stored in metadata.

OZC1 outer package

OZC1 is the outer encrypted package used for .ozc files and encrypted text blocks. The public header is not encrypted; it is authenticated as AES-GCM additional authenticated data (AAD), so a modified header causes decryption to fail.

OZM1 protected metadata

User-facing metadata such as file names, created time, question text, notes, and soft-lock details belong inside protected encrypted metadata, not in the public header.

OZP1 multi-file pack

When you encrypt multiple files, OzCrypt packs them locally into an OZP1 bundle first, then encrypts that bundle into one OZC1 package.

Encrypted text block

Encrypted text blocks are not a separate encryption format. They are the same OZC1 package bytes encoded with Base64Url and wrapped in BEGIN/END markers.

Compact QR payload

For shorter encrypted notes, QR may use a compact text form such as OZC1B64:<base64url>. It still decodes back to the same OZC1 package bytes and is not a separate encryption format.
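As an added example (not OzCrypt's own code), a strict decoder shows that the encrypted text block and the compact QR payload are two wrappers around the same package bytes. The `-----BEGIN <label>-----` armor shape is an assumption, since these notes do not give the real marker text, and the sample bytes are constructed, not a valid package.

```javascript
// Added example, not OzCrypt source: decode both text forms to package bytes.
// ASSUMPTION: armor lines look like "-----BEGIN <label>-----"; the real marker
// text is not stated in the notes. "OZC1B64:" is the compact prefix they name.
const ARMOR = /^-----BEGIN ([A-Z0-9 ]+)-----\s+([\s\S]*?)\s+-----END \1-----$/;
const COMPACT_PREFIX = "OZC1B64:";

function base64UrlToBytes(text) {
  // Armored blocks may be line-wrapped; tolerate optional trailing padding.
  const body = text.replace(/\s+/g, "").replace(/={1,2}$/, "");
  // Reject anything outside the Base64Url alphabet (including "+" and "/").
  if (!/^[A-Za-z0-9_-]+$/.test(body)) {
    throw new Error("non-Base64Url character in payload");
  }
  if (body.length % 4 === 1) {
    throw new Error("invalid Base64Url length");
  }
  const std = body.replace(/-/g, "+").replace(/_/g, "/");
  const padded = std + "=".repeat((4 - (std.length % 4)) % 4);
  return Uint8Array.from(atob(padded), (ch) => ch.charCodeAt(0));
}

function decodePackageText(input) {
  const text = input.trim();
  if (text.startsWith(COMPACT_PREFIX)) {
    return base64UrlToBytes(text.slice(COMPACT_PREFIX.length));
  }
  const match = ARMOR.exec(text);
  if (!match) {
    throw new Error("not an armored block or compact QR payload");
  }
  return base64UrlToBytes(match[2]);
}

function sameBytes(a, b) {
  return a.length === b.length && a.every((value, i) => value === b[i]);
}

// Constructed samples: the same 8 arbitrary bytes in both text forms.
const COMPACT_SAMPLE = "OZC1B64:AAEC-__-ECA";
const ARMORED_SAMPLE = [
  "-----BEGIN EXAMPLE BLOCK-----",
  "AAEC-_",
  "_-ECA",
  "-----END EXAMPLE BLOCK-----",
].join("\n");
```

The decoded bytes still have to pass AES-GCM authentication before anything in them is trusted; decoding only removes the text wrapper.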

OZCFG configuration template

Configuration templates may save non-secret settings such as scenario, strategy, factor toggles, gesture grid size, output preferences, and UI preferences. They do not unlock anything.

Recovery reminder note

Recovery reminders are optional local text exports. They may contain dates, factor types, strategy names, or safety reminders, but they must not contain passwords, answers, gestures, key-file hashes, or unlock secrets.

OzPurge cleaned files and reports

OzPurge writes a new local file with a _clean suffix when metadata removal succeeds. Reports are optional local CSV, JSON, or Markdown exports and are not embedded back into the cleaned file.

OZV1 encrypted vault

OzVault .ozv files start with OZV1, a small public header, and AES-GCM ciphertext for the encrypted database. The public header contains KDF and algorithm settings, but not item titles, usernames, URLs, tags, passwords, notes, API keys, attachment names, or plaintext vault data.

OZS1 hidden payload format

OzStegano embeds an OZS1 payload inside carrier pixels. The format stores a small header with magic, version, flags, payload length, filename length, MIME type length, checksum, and optional encryption salt and nonce.

PNG LSB embedding

The current OzStegano MVP hides OZS1 bytes in PNG least-significant bits. AES-GCM payload encryption is optional and local-only. Passwords and derived keys are never stored in the embedded header.

What must never be stored

Passwords, answers, gesture sequences, key-file hashes, derived keys, private keys, decrypted content, and unlock secrets must never be stored in public metadata or templates.

Public vs protected metadata

Public headers stay intentionally minimal and are authenticated as AAD. File names, question text, package notes, and other user-facing details belong in protected encrypted metadata only.

Local-first boundary

Format parsing, encrypted text decoding, QR handling, and package generation are designed to stay in the browser for this static build.