Data Lost: How to restore Missing Directories

Hello Community,

Ever experienced the case, that your vault got corrupted and directories disappeared into the nirvana? Well, even if you were lucky (or your sync client works properly), it might not be a bad idea to know how you can repair your vault in such a case and recover your directories.

The vault health check introduced with Cryptomator 1.6.0 is your best friend here. It does detect such corruption and can fix it. Unfortunately, the GUI does not provide all the information to understand the matter, and hence, this post now exists.

This post shows you how to restore missing directories and why they disappeared. If you are not interested in the details, you can skip to the last section.

:warning: Most of the times, missing directories are caused by improper cloud synchronization. Hence, fixing this on one computer might lead to conflicts or data duplication on other devices.

β€œMissing” does not always mean lost

From a technical point of view, the term β€œmissing” is misleading in most cases, but to understand how directores may seem β€œmissing”, you need to know the internal structure of a vault.

Cryptomator does not only encrypt files, but also encrypts the directory structure. It is implemented by placing all cleartext directories next to each other on the encrypted storage side and retain their parent-child-relationship with link files named dir.c9r.


Example

You have the Cryptomator vault β€œmyVault”. After unlock, you copy a directory named β€œfoo” containing the file β€œbar.txt” to the top level of it (aka to the root directory). Then the unlocked β€œmyVault” looks the following:

/ (root dir of myVault)
β”œβ”€ ...
└─ foo
    └─ bar.txt

On the storage location of β€œmyVault”, the following directory structure is present:

/ (myVault)
β”œβ”€ masterkey.cryptomator
β”œβ”€ vault.cryptomator
└─ d
   β”œβ”€ BZ
   β”‚  └─ R4VZSS5PEF7TU3PMFIMON5GJRNBDWA # root dir
   β”‚     β”œβ”€ ...
   β”‚     └─ FHTa55bH*sUfVDbEb0gTL9hZ8nho.c9r  # directory foo
   β”‚        └─ dir.c9r  # link file
   └─ FC
      └─ ZKZRLZUODUUYTYA4457CSBPZXB5A77  # contains contents of foo
         └─ gLeOGMCN358*UBf2Qk9cWCQl.c9r  # bar.txt

If a link file is getting lost or corrupted (e.g., due to incomplete synchronization), the linked child directory is not listed anymore since its actual content cannot be found. The data is still there, but unavailable from inside the unlocked vault because no other directory points with a link file to it. An (encrypted) directory without any link file pointing to it is called orphan.

In contrast, if the encrypted directory the link file is pointing to does not exist, the data inside is lost.
A user cannot differentiate between these two cases, but for Cryptomator it makes huge difference: In the first case, the data inside the directory can be recovered, in the second case not.

For further information about the internal structure of a vault, read our docs.

Adopting an orphan

Orphaned directories can be recovered using the vault health check within the Cryptomator app. If you start the health check and selected the β€œDirectory Check”, you can get results with a description of β€œOrphan directory: …” and a β€œFix” button next to it. Each such result means, that the health check found an orphan directory in the vault. To regain access to your data, you need to click the β€œFix” button, which β€œadopts” the orphaned directory by creating a link file again.

:warning: Before performing any fixes, ensure that the vault is fully synced.

But since the information, which directory was the original parent containing the link file is lost, Cryptomator needs a fixed place to make the orphans accessible again. To stay in the metaphor, an orphanage is needed. For every vault, this orphanage is a top-level folder called CRYPTOMATOR_RECOVERY, which is created during the first adoption and from which every adopted orphaned directory can be accessed.


Example (Cont’d)

On a different device, due to incomplete sync, the dir.c9r file is missing:

/ (myVault)
β”œβ”€ masterkey.cryptomator
β”œβ”€ vault.cryptomator
└─ d
   β”œβ”€ BZ
   β”‚  └─ R4VZSS5PEF7TU3PMFIMON5GJRNBDWA # root dir
   β”‚     β”œβ”€ ...
   β”‚     └─ FHTa55bH*sUfVDbEb0gTL9hZ8nho.c9r  # empty directory foo, no link file
   └─ FC
      └─ ZKZRLZUODUUYTYA4457CSBPZXB5A77  # contains contents of foo
         └─ gLeOGMCN358*UBf2Qk9cWCQl.c9r  # bar.txt

Unlocking your vault, directory β€œfoo” is not displayed anymore, due to the missing link file.
After performing the vault health check and applying the fix, the directory structure of the vault storage location changed to:

/ (myVault)
β”œβ”€ masterkey.cryptomator
β”œβ”€ vault.cryptomator
└─ d
   β”œβ”€ BZ
   β”‚  └─ R4VZSS5PEF7TU3PMFIMON5GJRNBDWA # root dir
   β”‚     β”œβ”€ ...
   β”‚     β”œβ”€ hquw6zNn*Opqwe5621cbSmQWhxOp.c9r  # directory CRYPTOMATOR_RECOVERY
   β”‚     β”‚  └─ dir.c9r # link file
   β”‚     └─ FHTa55bH*sUfVDbEb0gTL9hZ8nho.c9r  # leftover of directory foo
   β”œβ”€ FC
   β”‚  └─ ZKZRLZUODUUYTYA4457CSBPZXB5A77  # contains contents of foo
   β”‚     └─ gLeOGMCN358*UBf2Qk9cWCQl.c9r  # bar.txt
   └─ MK
       └─ 18UH65JJ9LPV320BXZWWLKSIFD8AMX  # contains contents of CRYPTOMATOR_RECOVERY
          └─ gLeOGMCN358*UBf2Qk9cWCQl.c9r  # directory "foo"
             └─ dir.c9r

and looking into the unlocked vault

/ (root dir of myVault)
β”œβ”€ ...
└─ CRYPTOMATOR_RECOVERY
   └─ directory1  # previously named foo
      └─ file1  # previously named bar.txt

Unfortunately, the parent-child-relation is not the only lost information. Due to the tamper-proof encryption scheme, the name of the recovered directory and the names of all first-level resources are also lost and cannot be recovered. Therefore all files are just named β€œfileX” and all folders β€œdirectoryX” where X is an increasing number.

To determine what such an anonymous file contains is the next task.

Next steps

All files are recovered, but since the file names and endings are lost, you very likely don’t know which file contains what data. And to determine the content of a file manually, you need to know the file ending to open it with the correct application. To determine the file ending a tool for this task is the file program. We wrote a short script using it, which sweeps through a given directory and tries to determine the filetype. You can find the script and how to use it here.

tl;dr

  1. Ensure that the vault is fully synced
  2. Start the health check
  3. For all results of severeness β€œwarning” with the description β€œOrphan directory: …”, click on the fix button
  4. When all fixes are finished, close the health check
  5. Unlock the vault and reveal it in the file manager
  6. Navigate to the new directory CRYPTOMATOR_RECOVERY
  7. For this directory, follow the thread Sanitizer: Restore Missing File Extensions
3 Likes
Β© 2022 Skymatic GmbH β€’ Privacy Policy β€’ Impressum