Introducing Aegis 2

Published: April 26, 2026

We are pleased to introduce Aegis 2.

Aegis 2 is the next-generation encrypted export container format for Bardo Notes. It is designed to provide stronger security, improved reliability, and significantly better efficiency for protected note exports.

This release represents a major step forward from the first version of Aegis. After internal review and testing, we redesigned key parts of the format to make it more secure, flexible, and maintainable. Aegis 2 addresses seven key security limitations identified in Aegis 1 and introduces a more structured foundation for future development.

Performance and resource usage have also been substantially improved. In internal testing, Aegis 2 reduced peak memory usage by up to 100x and improved KDF processing time by up to 4x, depending on the device, export size, and environment.

We also conducted an internal quality assessment covering security, reliability, efficiency, compatibility, and long-term maintainability. In this evaluation, Aegis 1 received a score of 4.5/10, while Aegis 2 achieved 9.8/10. This reflects a significant improvement across nearly every measured category.

Aegis 2 introduces a binary, streaming-friendly design with stronger authentication of encrypted content. The new format is better suited for large exports, structured metadata, and future extensions, while preserving a clear and consistent security model.

Compatibility remains a core requirement. Aegis 2 is designed to support existing Aegis 1 workflows as well as JSON-based export compatibility, ensuring a smooth transition for users and integrations.

Aegis 2 will be included with the release of Bardo 1.0 Stable.

Aegis 2 is now available in our open-source repository: Open Source / Aegis 2