Back

Database & Schema

Nest uses PostgreSQL with Drizzle ORM for its persistence layer. The schema is meticulously designed to balance relational querying speed with absolute zero-knowledge privacy.

Core Schema Definitions

usersIdentity & Billing

Handles authentication state and storage quotas. Passwords are never stored here.

ColumnTypePurpose
idserialPrimary Key
emailvarcharUnique login identifier
auth_hashvarcharBcrypt hash of the client-derived AuthHash
storage_quota_bytesbigintMaximum bytes allowed based on billing tier
user_cryptoZK Core

Stores the pre-derivation salts and the encrypted master keys required to bootstrap a zero-knowledge session.

ColumnTypePurpose
user_idintegerForeign Key to `users.id`
salttextBase64 random bytes for Argon2id
encrypted_master_keytextXChaCha20 ciphertext of the Master Key
encrypted_metadatatextEncrypted JSON blob containing folder/file names
filesCloud Pointers

Stores pointers to the distributed storage network. Does NOT store filenames.

ColumnTypePurpose
idserialPrimary Key
user_idintegerOwner of the file
jackal_fidvarcharFile ID on the Obsideo Storage Network (Note: Database column retains legacy name `jackal_fid`)
encrypted_file_keytextWrapped key needed to decrypt the file blob
file_sizebigintSize in bytes (used for quota calculations)

The Graveyard Protocol

To support secure deletion and enterprise auditing, Nest utilizes a specialized "Graveyard" schema (graveyard and graveyard_chunks). When a user permanently deletes a file, its metadata is moved from the active files table to the graveyard. This preserves historical records of storage network IDs without cluttering the active filesystem indices or exposing metadata to the client.