SYSTEM Cited by 2 sources

FBCrypto

FBCrypto is Meta's managed cryptographic library — the unified crypto implementation used by "the majority of our core infrastructure services" at Meta. Canonical wiki framing from the 2024-12-02 Meta Engineering post on cryptographic monitoring at Meta scale.

FBCrypto matters to this wiki not because of its primitives (the post is not an algorithm post) but because it is the fleet-wide crypto monoculture that makes company-wide observability of cryptographic operations possible without client-side migration: instrumentation added once inside FBCrypto provides inventory + key-overuse detection + migration-prioritisation across every service that calls it.

Role

• Unified crypto primitive surface. AES-GCM-SIV, X25519, KDF-based derived-key features, and (per the 2024-05 post-quantum-readiness TLS post) asymmetric primitives undergoing PQC migration.
• Host-side telemetry owner. The buffered logger that counts cryptographic events lives inside FBCrypto on each client host. No client-visible API change, no per-service migration.
• Derived-crypto producer. Supports deriving "child" keysets from "parent" keysets via a KDF + salt — used by features that need to generate "millions of keys." See concepts/derived-key-aggregation for the logging discipline this drove.

Scale datum

• ~0.05 % of Meta fleet CPU is spent on X25519 key exchange alone — disclosed in the 2024-12-02 post. A library this hot in the fleet CPU footprint cannot afford a per-event Scribe call; this single datum forces the buffer-and-flush telemetry architecture.
• Millions of cryptographic operations per host per day — baseline event rate from the post.

Cryptographic monitoring integration (2024-12-02)

FBCrypto's public API is unchanged by monitoring — the buffered logger sits inside the library. On every operation:

1. Perform the cryptographic operation (e.g. encrypt()).
2. Increment a counter in an in-process folly::ConcurrentHashMap keyed on the event's identifying tuple ("in practice we log more fields than just key name, method, and algorithm").
3. A background thread periodically flushes the accumulated counts through Scribe to Scuba (warm) and Hive (cold), and clears the map.

First-flush is delayed by a per-host random jitter (see patterns/jittered-flush-for-write-smoothing). On shutdown a synchronous final flush drains remaining counts — made possible by folly::Singleton's lifecycle semantics.

Use cases enabled

• Post-quantum migration prioritisation. The dataset is the call-site inventory Meta uses to scope PQC migration work on asymmetric primitives.
• Emergency algorithm migration. When a primitive is broken, the monitoring dataset identifies every call-site to migrate.
• Key-overuse detection. Symmetric keys have finite data-volume budgets before security degrades; the counter dataset enables proactive rotation.
• Library-rollout health proxy. FBCrypto emits its own version alongside events, letting Meta see in real time which fleet hosts run which library version during a rollout + correlate success rates / call volumes for bug detection.

Seen in

• sources/2024-12-02-meta-built-large-scale-cryptographic-monitoring — canonical wiki framing of FBCrypto as the Meta-wide managed cryptographic library whose fleet ubiquity is what makes company-level cryptographic observability tractable via a single library-side instrumentation. Source of every claim on this page.
• sources/2026-04-16-meta-post-quantum-cryptography-migration-at-meta-framework-lesson — FBCrypto positioned as the library PQC migration flows through — the substrate crypto-inventory's automated-discovery side instruments, the surface that receives the PQC guardrails (guideline updates + key-generation friction + build-system API rules), and the library whose asymmetric primitives are migrating to ML-KEM + ML-DSA per Meta's NIST-aligned algorithm-selection policy (ML-KEM-768 default / ML-KEM-512 exception; ML-DSA-65 default / ML-DSA-44 exception). No specific FBCrypto-side rollout numbers disclosed in the 2026-04-16 post; framing is programme-level (multi-year, ongoing).

Related

• systems/scribe-meta — ingestion substrate the flushed counts travel through.
• systems/scuba-meta — warm short-term store for interactive analysis of the flushed counts.
• systems/meta-hive — cold long-term warehouse for the flushed counts.
• systems/folly-concurrenthashmap — the concurrent-map primitive the buffered logger is built on.
• systems/folly-singleton — the singleton primitive FBCrypto uses for the global buffered logger instance.
• concepts/cryptographic-monitoring — the umbrella concept FBCrypto instruments.
• concepts/derived-key-aggregation — the KDF-derived-child-key logging discipline inside FBCrypto.
• concepts/key-overuse-detection — the operational primitive the monitoring dataset feeds.
• concepts/unified-library-leverage — the strategic reason FBCrypto's ubiquity matters for observability.
• patterns/aggregating-buffered-logger — the internal-telemetry architecture FBCrypto implements.
• patterns/unified-library-for-fleet-telemetry — the pattern instance this library canonicalises.
• concepts/post-quantum-cryptography — the migration programme the monitoring dataset is the inventory producer for.
• concepts/crypto-inventory — the umbrella discipline FBCrypto's monitoring is the automated-discovery half of.
• patterns/crypto-api-guardrails — the prevent-new-usages pattern applied to FBCrypto's API surface.
• systems/buck2 — the build-system policy-enforcement point co-acting with FBCrypto's API for the crypto-API guardrails.
• systems/ml-kem / systems/ml-dsa-signature — the PQC primitives FBCrypto is migrating asymmetric use cases toward.