Skip to content

aranya-project/aranya

Aranya

Aranya is lovingly crafted and supported by SpiderOak. Aranya is licensed under the AGPL- if you want to use it commercially, drop us a line!

What is it?

Aranya is a software development tool for governing access to data and services over a decentralized, zero-trust framework with secure end-to-end encrypted data exchange built-in.

Aranya has been designed with an emphasis on security, efficiency, and portability.

The root cause of cyber insecurity is complexity; and yet when we attempt to protect our systems, our solution is to add more.

Software developers must not expect customers to mitigate defects using external security tools and an endless cycle of patching. Software must become secure by design.

Aranya is our contribution to this effort. It is a batteries-included tool which allows developers to produce software with built-in micro-segmentation. This complete solution covers access management with user onboarding, authentication and authorization, freeing the developer to focus on the problem they wish to solve.

For users, software built on Aranya is less complex to operate securely, and is secure regardless of the network it is run on.

More documentation on Aranya is provided here:

Getting Started

Dependencies

To view documentation for the aranya-client-capi C API, download doxygen.

The following platforms are supported:

  • Linux/arm64
  • Linux/amd64
  • MacOS

Example application

We have provided a runnable example application that uses the aranya-client-capi C API. This application goes through team setup, syncing and sending messages using Aranya Fast Channels.

Download the source code from this repository. Navigate to the aranya-client-capi C API example and run the application:

cargo make run-capi-example

This will also build local doxygen documentation for the aranya-client-capi. Open the docs/index.html file in a browser to view the docs.

This example and its README contain more details on the steps being performed in this example once running.

Setting up your own application

Download the source code from this repository or from crates.io:

Integrate the client library into your application. The client's README has more information on using the Rust client.

The daemon's README contains instructions for configuring and running the daemon.

After the daemon has started up, start the application.

Rust Example Application

An example Rust program for using Aranya is located here: Aranya Rust Example

Refer to the aranya-example crate's README for more information: Aranya Example README.md

What's Contained In This Repo

This repository contains the following components:

Rust Client Library

The Rust Client Library provides an interface for your application to interface with the Aranya Daemon in order to invoke actions on and process affects from the Aranya graph. The library also provides an interface to Aranya Core for Aranya Fast Channels functionality. Refer to the client's README for more details on this component.

Daemon Process

The daemon is a long-running process that forwards requests from the client to the Aranya Core. Refer to the daemon's README for more information on this component.

Aranya Policy

The Aranya Policy is a security control policy written in Aranya's domain-specific policy language and executed by the Aranya runtime.

Dependencies

Aranya Core

The Aranya Core repo has all the main components of Aranya that are needed for the core functionality to work. This is a library that includes the storage module (for DAG and FactDB), crypto module (with default crypto engine automatically selected), sync engine, and runtime client (including policy VM).

Aranya Fast Channels

Aranya Fast Channels are encrypted channels between 2 peers that could be either bidirectional or unidirectional.

Maintainers

This repository is maintained by software engineers employed at SpiderOak