Overview

ULDA (Universal Linear Data Authentication) is an open family of lightweight client-side cryptographic tools for secure data handling and integrity verification — fully executed in the browser, with no server-side changes required.

The ULDA ecosystem currently includes two core libraries:

  1. ULDA Core (@zeroam/ulda) — a front-end encryption and synchronization toolkit for secure, real-time data handling.
  2. ULDA Signatures (ulda-sign) — a compact signature and verification engine based on linear step signatures (ULDA-S / ULDA-X).

Together, they provide a complete framework for client-side confidentiality, data integrity, and authentic synchronization between multiple clients.

Why ULDA

ULDA was designed to bridge the gap between simple web applications and strong cryptographic security — without introducing backend complexity.

Main goals:

  • 🔐 Client-side encryption using standard Web Crypto API primitives (AES-CBC + PBKDF2).
  • ⚙️ Simple data model based on “master” and “content” files.
  • 🔁 Real-time sync over secure WebSocket channels (socket.io-client).
  • 🧩 Modular crypto layer allowing custom hash or signature algorithms via plugins or CDN.
  • 🌐 Zero backend refactor — works purely on the front-end, inside browsers or Node.js.

Architecture Overview

ULDA
├── ulda-core  (main SaaS library)
│   ├── AES-CBC + PBKDF2 encryption
│   ├── Master / content file model
│   ├── WebSocket real-time sync (socket.io)
│   └── TypeScript support & full API
└── ulda-sign  (signature library)
    ├── Implements ULDA-S and ULDA-X
    ├── Configurable ladder parameters (N, hash, originSize)
    ├── Public API: New / stepUp / sign / verify
    └── Extensible hash functions (built-in or external)

Relationship Between Core and Signatures

Purpose ULDA Core ULDA Signatures
Encryption ✅ AES-CBC (PBKDF2)
Signatures Built-in integrity layer S- / X-Ladders (cryptographic verification)
Transport WebSocket (socket.io) Independent or embedded
Extensibility Plugin crypto utils Custom hashers, CDN scripts
Environment Browser / Node.js Browser / Node.js

ULDA Core handles encryption, key derivation, and synchronization.
ULDA Signatures provides step-based signature verification — proving that each new “generation” of data originates from the previous one.

The Concept of Linear Authentication

Traditional digital signatures are standalone.
ULDA introduces linear authentication — where every new signature “inherits” from the previous one, forming a verifiable chain.

Two compatible modes are defined:

  • ULDA-S (Skippable) — tolerant to dropped or reordered packets; supports multi-step verification.
  • ULDA-X (Strict) — compact, fast, but requires a strictly sequential channel (e.g., TLS, WebSocket).

The detailed specification is available in ULDA Manifest v1.

Documentation Structure

- Overview
- Manifest & White Papers
    - ULDA Manifest v1
    - White Papers (coming soon)
- ULDA SaaS (core library)
- ULDA Signatures (ulda-sign)
    - Index
    - Quickstart
    - Concepts (S vs X)
    - API
    - Examples
    - Changelog
- Licensing

Licensing

ULDA libraries are released under the ULDA Community License (Non-Commercial).
For commercial or SaaS use, contact legal@0am.ch to obtain a ULDA Commercial License.

Next Steps

  1. Read the ULDA Manifest v1 — the formal specification of ULDA-S and ULDA-X.
  2. Explore the ULDA SaaS (Core) library to understand data encryption and synchronization.
  3. Learn about ULDA Signatures and the ladder-based signature model.
  4. Review the Licensing terms before integrating ULDA in your project.