Regera

Compile-Time String Encryption for Rust

Turns string literals into encrypted blobs at compile time and injects minimal decrypt shims at runtime.

Engines

• jesko: ChaCha20 + BLAKE3 MAC + obfuscation
• absolut: ASCON128 + KMAC256 + obfuscation
• sadair: AES-256-GCM + BLAKE3 MAC + obfuscation
• gamera: deterministic XOR obfuscator (non-crypto)
• velar: lightweight BLAKE3-derived key + ChaCha20 keystream XOR (no MAC/integrity)

Feature selection

Enable only the engines you need so unused crypto crates are not linked.

[dependencies]
regera = { version = "0.1.0", default-features = false, features = ["std", "velar"] }
# example multi-engine:
# regera = { version = "0.1.0", default-features = false, features = ["std", "jesko", "velar"] }

Quick start

use regera::velar;

fn main() {
    let secret = velar!("MySecretData");
    secret.with_str(|s| println!("{}", s));
}

Multi-string macros are available per engine (jeskoex!, absolutex!, sadairex!, gameraex!, velarex!).

Crates

• regera: umbrella crate (re-exports macros + core types)
• regera_core: runtime engines and core types
• regera_macros: proc-macros that encrypt at compile time

Testing

cargo test --workspace

License

AGPL-3.0. See LICENSE.