/api/system/encryption-status

GET

Lightweight probe used by clients to decide whether to prompt the user for a login password.

http://localhost:8080/api/system/encryption-status

Description

Reports two facts about the running server:

key_set — Has the user logged in this session? (Has /api/system/login already been called and is the derived key still in memory?)
encrypted_files_exist — Are there any .bin files in the registered wallets' Bank or Fracked folders whose on-disk header marks them as encrypted?

From those two facts the server derives login_required: true if encrypted files exist AND no key is set (the user must log in before any encrypted-coin operation can succeed). The client can branch on login_required instead of running its own scan.

Use this before login

This endpoint is the recommended first call for a fresh client. It tells you whether the user even needs a password prompt — many users will see encrypted_files_exist: false and can skip the login step entirely.

Parameters

None.

Response

Success — 200 OK

No encrypted files yet, no login

{
  "command": "encryption-status",
  "success": true,
  "key_set": false,
  "encrypted_files_exist": false,
  "login_required": false
}

Encrypted files exist; user has not logged in yet

{
  "command": "encryption-status",
  "success": true,
  "key_set": false,
  "encrypted_files_exist": true,
  "login_required": true
}

User is logged in

{
  "command": "encryption-status",
  "success": true,
  "key_set": true,
  "encrypted_files_exist": true,
  "login_required": false
}

Response Fields

Field	Type	Description
`key_set`	bool	`true` if a derived encryption key is currently held in memory (someone has logged in and not logged out).
`encrypted_files_exist`	bool	`true` if at least one `.bin` file in any registered wallet's Bank or Fracked folder has `encryption_type != 0` in its header.
`login_required`	bool	Convenience: `encrypted_files_exist && !key_set`. Branch on this in the client.

Decision table for clients

key_set	encrypted_files_exist	login_required	What the client should do
false	false	false	No password is needed. Coin operations work in plaintext mode. The user MAY still log in to start encrypting future writes.
false	true	true	Prompt for password and POST to /api/system/login before any wallet operation.
true	any	false	Already logged in this session. Proceed.

Example Usage

curl "http://localhost:8080/api/system/encryption-status"

const res = await fetch('http://localhost:8080/api/system/encryption-status');
const s = await res.json();

if (s.login_required) {
  // show password prompt, then POST /api/system/login
} else if (!s.key_set && !s.encrypted_files_exist) {
  // optional: ask the user if they want to set a password now
}

import requests
s = requests.get('http://localhost:8080/api/system/encryption-status').json()
print(s)
# {'command': 'encryption-status', 'success': True,
#  'key_set': False, 'encrypted_files_exist': True, 'login_required': True}

Related Endpoints

/api/system/login — Set the password.
/api/system/logout — Clear the in-memory key.
/api/system/encrypt_existing_files — Convert plaintext remnants to encrypted, after login.
/api/recovery/status — Different concern (boot-time deposit/upgrade recovery), but commonly polled at the same time.