About fault tolerance ability

Hi, I am new to cryptomator, and I find this software super useful.

These days, I’ve been read through docs, issues on github and topics on this websites. I want to make sure I fully understand the features and limitations of cryptomator before I use it to encrypt my files in the cloud drive.

The cloud drive providers does not necessarily guarantee the correctness of users’ data, which means users’ data can be corrupted during uploading, downloading, or even storing on hard drives. When files are corrupted, we should be able to detect the errors and maybe recover them.

A solution that I’ve seen is to use WinRAR to archive files. The recovery records of rar archives provides certain fault tolerance ability.

The general question is: Is cryptomator able to do fault tolerance?

After we create a vault, there will be some files in the vault and will be uploaded to the cloud along with our encrypted files.

So, the detailed questions are:

  1. What if the masterkey and vault files are corrupted? Then the whole valut is unable to use. In my opinion, this is a kind of single point of failure.

  2. What if a single encrypted file is corrupted? Then we loss it forever if we do not have backup. We can not recover it like rar does.

So, Are there any solutions to these two questions? Or, have similar questions been discussed before?



I don’t think so. If you encrypted file is corrupt, you can’t decrypt it anymore. Cryptomator does only encrypt. It does not add restore information like Windsor packages.

If the masterkey is corrupted, you’ll find a backup next to it. Cryptomator does create this backup file after a successful login. And there is a way to create a new masterkey as long as you have your vault recovery key available. Recover masterkey file with recovery key? - #4 by tobihagemann
If the vault is corrupted, see above.

Exactly. It’s like with any other file. Regardless if it’s encrypted or not. It needs a backup.

Cryptomator covers privacy issues with online stored files. It does not cover data security issues. This is the job of you backup strategy.