Skip to content

UmbraCore Architecture

Overview

UmbraCore follows a modular architecture with a strong focus on security, type safety, and maintainability. The system is designed around the principle of separation of concerns, with distinct modules handling specific aspects of the backup management process.

Core Architecture Principles

Security-First Design

  • Foundation-free core modules for critical security operations
  • XPC services for privileged operations
  • Secure keychain integration with sandboxing support

Module Organisation

UmbraCore is organised into several logical layers:

  1. Core Foundation-Free Layer
  2. SecurityProtocolsCore
  3. XPCProtocolsCore

  4. UmbraCoreTypes

  5. Foundation Bridge Layer

  6. SecurityBridge

  7. XPCBridge

  8. Implementation Layer

  9. SecurityImplementation

  10. UmbraSecurity

  11. Application Services

  12. UmbraKeychainService
  13. ResticCLIHelper
  14. RepositoryManager
  15. BackupCoordinator

Error Handling Architecture

UmbraCore implements a comprehensive error handling system with:

  • Domain-specific error types
  • Consistent error mapping between modules
  • Rich error context for debugging

Concurrency Model

The project uses Swift's structured concurrency model with:

  • Async/await for asynchronous operations
  • Actor-based isolation for thread safety
  • Task management for cancellation support

XPC Integration

UmbraCore uses XPC extensively for privilege separation:

  • Main app remains sandboxed
  • XPC services handle privileged operations
  • Well-defined protocol interfaces using Swift's protocol system