DroidFS icon indicating copy to clipboard operation
DroidFS copied to clipboard
verified publisher icon hardcore-sushi

A Design Issue That Could Lead to Data Loss

Open person12675 opened this issue 6 months ago • 3 comments

Hello,

A potential risk has caught my attention. If even a single bit is corrupted in any of the .diriv files in the encrypted volume, all files in that folder and its subfolders become inaccessible. Likewise, if the name of any folder or file is changed, that folder/file disappears from view. This makes the encrypted volume very fragile. Of course, we should back up our data, but since the application does not report these corruptions, we might mistakenly believe our archive is intact, delete the backups, or recreate them—leading to data loss. I believe this issue needs to be addressed by adding a feature to back up the .diriv files and file/folder names, or by some other method.

Thank you.

person12675 avatar Jul 09 '25 20:07 person12675

Yes that's right, it would be nice if corruptions were reported, but the original CryFS and gocryptfs programs only log these errors. We would need to implement proper error propagation so that the message could reach the UI. This would require a bit of work.

Even if implemented, keep in mind that corruptions are only detectable by trying to open the corresponding file or directory in the open volume. Thus, simply opening a volume may not suffice to detect corruption. You'd have to open every single file one by one to check whether it's intact or not.

A better solution might be to implement a "fsck" feature, which would automatically check the entire volume. gocryptfs already provides this (you can use it in the meantime), but I don't think CryFS does.

However, not all corruptions are detectable. For example, removing files or entire directories from a gocryptfs volume will not be detected.

hardcore-sushi avatar Jul 11 '25 19:07 hardcore-sushi

There’s no need to check the integrity of every single file. What I really want to emphasize is that a single error occurring in the parent folder can cause thousands of files within that folder to become corrupted.

I think using a simple backup method could serve as a temporary solution. You could back up the .conf file, the .diriv files, and the file/folder names.

person12675 avatar Jul 22 '25 22:07 person12675

Well, I've lost 99 % of my gocryptfs folder due to probably that kind of issues right today...

A lot of I/O errors and malformed container...

File size are still correct but everything is unreadable...

Soooo. guess I'll learn to make backups...

MiMillieuh avatar Oct 17 '25 12:10 MiMillieuh