Security
We take security seriously and appreciate responsible disclosure.
Reporting a Vulnerability
Please report security issues via GitHub Security Advisories.
Include as much detail as possible:
- Description of the issue and impact
- Steps to reproduce
- Affected version(s)
- Any proof-of-concept code
We will acknowledge receipt, investigate, and work toward a fix.
Security Model
Lore is local-first:
- All data stays on your machine by default - There is no hosted service and no account
- No telemetry - Lore doesn’t phone home or collect usage data
- SQLite storage - Standard file permissions protect your local database
- Opt-in, encrypted sync - When you enable sync, sessions are encrypted on your machine before they touch git
Data Sensitivity
Session data may contain sensitive information from your AI conversations:
- Code snippets and file contents
- Error messages with stack traces
- Environment details
Use `lore export --redact` when sharing sessions to automatically remove common secrets (API keys, tokens, credentials).
Sync Encryption
Lore syncs reasoning history over git rather than through a server. Content is encrypted end to end, so the git host (GitHub, GitLab, or anything else) only ever sees ciphertext. This is zero-knowledge to the host.
How Encryption Works
- Key derivation - Your passphrase is combined with a random salt using Argon2id to derive a 256-bit key.
- Encryption - Each session record (messages, commit links, tags, annotations, and summary) is gzipped, then encrypted with AES-256-GCM.
- Storage - Only ciphertext is written to the git store, whether that is the per-repo ref `refs/lore/sessions` or the global store at `~/.lore/sync`.
| Component | Algorithm | Purpose |
|---|---|---|
| Key derivation | Argon2id | Derives the encryption key from your passphrase |
| Symmetric encryption | AES-256-GCM | Encrypts session content, with tamper detection |
| Salt | Random | Makes key derivation unique per store (stored in plaintext; a salt is not secret) |
What Is and Is Not Encrypted
The full session record is encrypted. A minimal plaintext metadata file per session lets the store be listed without the passphrase. It contains only:
- Session id
- Tool name
- Timestamps
- Message count
- Machine id
- Git branch
It deliberately contains no file paths and no message content.
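The pipeline described under "How Encryption Works" and the metadata split above, as an added illustration (not Lore's own code): Argon2id derives a 256-bit key from passphrase plus salt, the full record is gzipped and sealed with AES-256-GCM, and only the listed metadata fields leave the record in plaintext. The field names, Argon2 cost parameters and the nonce-prefix blob layout are assumptions; it needs the `cryptography` package and `argon2-cffi` (with a labelled scrypt stand-in if the latter is absent).

```python
import gzip
import hashlib
import json
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

try:
    from argon2.low_level import Type, hash_secret_raw

    def derive_key(passphrase: str, salt: bytes) -> bytes:
        # Argon2id -> 256-bit key. Cost parameters are illustrative, not Lore's.
        return hash_secret_raw(passphrase.encode(), salt, time_cost=3, memory_cost=64 * 1024,
                               parallelism=1, hash_len=32, type=Type.ID)
except ImportError:  # argon2-cffi missing: scrypt stand-in so the demo runs; Lore uses Argon2id
    def derive_key(passphrase: str, salt: bytes) -> bytes:
        return hashlib.scrypt(passphrase.encode(), salt=salt, n=2 ** 14, r=8, p=1, dklen=32)

# Assumed names for the plaintext metadata fields the page lists; nothing else is exposed.
METADATA_FIELDS = ("id", "tool", "timestamps", "message_count", "machine_id", "branch")

def encrypt_session(session: dict, key: bytes) -> tuple:
    """Return (plaintext metadata, blob). blob = 12-byte nonce || AES-256-GCM ciphertext+tag."""
    metadata = {k: session[k] for k in METADATA_FIELDS if k in session}
    nonce = os.urandom(12)  # fresh per record; GCM nonce reuse under one key is fatal
    compressed = gzip.compress(json.dumps(session, sort_keys=True).encode())
    return metadata, nonce + AESGCM(key).encrypt(nonce, compressed, None)

def decrypt_session(blob: bytes, key: bytes) -> dict:
    """Raise InvalidTag if the blob was altered or the key (passphrase/salt) is wrong."""
    nonce, ciphertext = blob[:12], blob[12:]
    return json.loads(gzip.decompress(AESGCM(key).decrypt(nonce, ciphertext, None)))

def demo() -> bool:
    salt = os.urandom(16)  # stored in plaintext beside the store; a salt is not secret
    key = derive_key("correct horse battery staple", salt)
    session = {  # constructed sample record
        "id": "sess-0001", "tool": "example-cli", "timestamps": ["2024-01-01T00:00:00Z"],
        "message_count": 1, "machine_id": "host-a", "branch": "main",
        "messages": [{"role": "user", "content": "why does /src/app.py fail?"}],
        "commit_links": ["0123abcd"], "tags": ["bug"],
    }
    metadata, blob = encrypt_session(session, key)
    assert "messages" not in metadata and b"/src/app.py" not in blob  # host sees no content
    assert decrypt_session(blob, key) == session
    tampered = blob[:-1] + bytes([blob[-1] ^ 0x01])  # flip one bit of the GCM tag
    try:
        decrypt_session(tampered, key)
        return False
    except InvalidTag:
        return True  # tamper detected, nothing decrypted
```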
Key Storage
The passphrase itself is never stored. After setup, the derived key is cached locally:
- OS keychain when `use_keychain` is enabled (macOS Keychain, Windows Credential Manager, Linux Secret Service)
- File backend otherwise, as a `0600` file under `~/.lore/sync-keys/`
Team Sharing
Sharing reasoning with a team needs no accounts and no per-seat fee:
- Share the repo - Normal git access (clone and push).
- Share the passphrase out of band - A password manager or a secure message.
A teammate who has both can run `lore sync setup`, then `lore sync`, and read the team’s reasoning history and run `lore blame`.
Supported Versions
Security updates are provided for the latest minor version. We recommend keeping Lore up to date.
| Version | Supported |
|---|---|
| 0.2.x | Yes |
| < 0.2.0 | No |