ProtonDrive: fix takes 100 lines

Dev Discussions
1

Hello, the fix, made by an LLM, to the ProtonDrive backend, is around 100 LOC.

Repo Added Removed Net
go-proton-api 93 8 +85
Proton-API-Bridge 27 10 +17
rclone 1 1 0
Total 121 19 +102

_Clean Room_ Summary: Fixing Proton Drive File Uploads

Problem

All file uploads fail with HTTP 422 on POST /storage/blocks. Read operations work fine.

Root Cause

Proton's block upload API (POST /drive/blocks) now requires a per-block verification token. Without it, the server issues upload URLs that reject the actual block data.

Required Changes

1. Block Upload Request β€” New Fields

The block upload request (POST /drive/blocks) must include:

  • VolumeID at the top level (alongside ShareID, LinkID, RevisionID)

  • Verifier.Token (base64 string) per block entry in BlockList

  • Size and Hash per block are no longer required (deprecated)

2. New API Endpoint β€” Verification Code

Before uploading blocks, the client must call:

GET /drive/v2/volumes/{volumeID}/links/{linkID}/revisions/{revisionID}/verification

This returns VerificationCode (base64) and ContentKeyPacket.

3. Token Computation

For each encrypted block:

  1. Base64-decode the VerificationCode β†’ 32 bytes

  2. XOR the first 32 bytes of the encrypted block data with the verification code, byte by byte

  3. Base64-encode the result β†’ this is Verifier.Token

If the encrypted block is shorter than 32 bytes, treat missing bytes as zero.

4. Storage Server Request

When uploading the actual block data to the storage server (POST <bareURL>):

  • Send only the pm-storage-token header β€” do not forward API auth headers (Authorization, x-pm-uid)

  • Multipart form part should have field name Block, filename blob, and no Content-Type on the part

5. App Version String

The x-pm-appversion header must match: external-drive-{name}@{semver}-{channel}
Example: external-drive-rclone@1.0.0-beta+rclone

Upload Flow (Updated)

  1. Create draft revision β†’ get LinkID, RevisionID

  2. Fetch verification code from the new endpoint using VolumeID, LinkID, RevisionID

  3. Encrypt each block

  4. Compute verification token per block (XOR first 32 bytes)

  5. Request upload URLs via POST /drive/blocks with VolumeID and Verifier.Token per block

  6. Upload block data to storage server (pm-storage-token only)

  7. Commit revision

2

welcome to the forum,

the proton drive backend is very popular but unfortunately was recently deprecated.
i am a paid customer of protondrive but have been disappointed with proton's lack of support for rclone.

now, if you have a working solution for rclone, that would be great!

where can we find the source code changes, at github or what?

3

I haven’t published them. I’d prefer a human to implement it and become the maintainer.

4

me too.
however, the reason the protondrive backend is deprecated, is that the human maintainer has not visited the forum in two years.

so, if you just 100 lines of source code
please post them and make it easier for somebody to volunteer their time to maintain.

5

Let me talk to devs to check their LLM contribution policy.

1 Like
Proton drive - mark it as unsupported?
6

This is fantastic, thank you for taking the time to do this! While I agree with asdffdsa that this still would not necessarily resolve the maintenance problem, getting these changes implemented would definitely be a great step in the right direction.

7

`mount` is working properly. `copy` is not.
Debugging w/LLM.

8

I haven't had the time to look at this yet.

Anyway, here’s the compile instructions – the folders mentioned are also under the same user.