Skip to main content

CYBERCRYPT D1 Storage service

The CYBERCRYPT D1 Storage service is an encrypted storage solution aimed at making it easy to manage sensitive data across multiple cloud environments while simultaneously removing the need to trust the cloud providers with encryption keys. D1 Storage provides a simple gRPC interface that allows multiple workloads or users to store and retrieve data securely.

D1 Storage is designed with the philosophy that you should not have to unconditionally trust cloud providers to protect your sensitive data, and that having to manage keys and credentials across several cloud environments is a security problem in itself. D1 Storage minimizes the potential attack surface and simplifies key management, while still allowing you to take advantage of a multi cloud setup. It is designed to not only encrypt and authenticate your data using modern cryptographic standards, but also to cryptographically enforce user authentication and authorization.

Running D1 Storage locally

The easiest way to try out D1 Storage is to start a local Docker Compose instance. For instructions on how to do this, see the Getting Started guide. The documentation folder also provides a User Manual as well as an overview of the gRPC API.

Running D1 Storage in a Kubernetes cluster


You can run D1 Storage in a Kubernetes cluster. Refer to the provisioning documentation for instructions on how to provision in different cloud providers.


Using the D1 Storage Helm Chart, you can deploy D1 Storage to a Kubernetes. See the D1 Storage Helm Chart README for more information.