bitwarden/server
Cipher
The encrypted vault item. Defined at src/Core/Vault/Entities/Cipher.cs and persisted to dbo.Cipher.
Important columns
| Column | Notes |
|---|---|
Id (Guid) |
Primary key. |
UserId |
Set for personal ciphers; null for org-owned. |
OrganizationId |
Set for org ciphers. Exactly one of UserId / OrganizationId must be non-null. |
Type |
CipherType enum: Login, SecureNote, Card, Identity, SshKey, Fido2Key. |
Data |
The encrypted JSON payload. Shape depends on Type. |
Favorites |
JSON map of userId → bool so a user can favourite a cipher in a shared collection without affecting others. |
Folders |
JSON map of userId → folderId. |
Attachments |
JSON map of attachmentId → AttachmentData. |
Reprompt |
CipherRepromptType — None / Password (re-prompt master password before showing). |
Key |
Optional cipher-specific key (used by SSH-key ciphers and certain new flows). |
DeletedDate |
Soft-delete marker. |
RevisionDate, CreationDate |
Audit timestamps. Bumped on every edit. |
OrganizationUseTotp |
Boolean — does the parent org allow TOTP storage on this cipher? |
Versions
Different Type values use different schema for Data:
- Login —
username,password,totp,uris,passwordRevisionDate, FIDO2 credentials. - Card — cardholder name, brand, number, expMonth/expYear, code.
- Identity — first/last name, address, phone, ssn, etc.
- SecureNote — only the
notesfield plus type=Generic. - SshKey (added 2024.12) — public + private key, fingerprint, expiration.
- Fido2Key / passkey — credentials stored alongside login items.
The minimum client version to recognise each new type is enforced via constants like Constants.SSHKeyCipherMinimumVersion = "2024.12.0" and Constants.PM32009NewItemTypeMinimumVersion.
Repositories
ICipherRepository (src/Core/Vault/Repositories/ICipherRepository.cs) with Dapper + EF implementations. Bulk operations are exposed as Cipher_CreateMany, Cipher_UpdateUserKeys, etc. (sprocs).
Read shapes
Cipher— the raw entity.CipherDetails(src/Core/Vault/Models/Data/CipherDetails.cs) — joined with the caller's permissions (viewPassword,edit,manage).CipherOrganizationDetails— for org-only views.CipherMiniDetails— sync-payload-friendly slim shape.
Soft-delete and restore
Cipher.DeletedDate toggles soft delete. CipherService.SoftDeleteManyAsync and RestoreManyAsync bulk-set the column. A Quartz cleanup job purges items past the retention window.
Where it shows up
- See vault-and-ciphers for the full feature.
- Encrypted attachments live in Azure Blob via
IAttachmentStorageService. - Audit events:
Cipher_Created,Cipher_Updated,Cipher_Deleted,Cipher_SoftDeleted,Cipher_Restored. - Push:
IPushNotificationService.PushSyncCipherUpdateruns on every change.
Bitwarden Rust SDK port
Parts of cipher creation/decryption are now delegated to the Rust SDK in util/RustSdk/. The migration was gated by pm-19941-migrate-cipher-domain-to-sdk; the flag was removed in PR #7457 (2026-04-13).
Built by Factory AutoWiki from public repository content. It is a generated preview for codebase exploration, not source-maintained documentation.