Keys present in .agilekeychain file

Those blobs listed as SL3 and SL5 in those keys files are actually randomly generated data that is encrypted with a key derived from your Master Password.

Your Master Password is processed to produce what is called a Key Encryption Key (KEK). In this case, we use the KEK to encrypt a 1024 bytes of data that is randomly created at vault creation time. So what you see there are encrypted blobs of data. They are encrypted with (a key derived from) your Master Password.

The keys that are used to encrypt your data are the result of hashing those blobs once decrypted. All of this is so that we have plenty of genuine entropy to work with irrespective of your Master Password. That is, we need truly random keys, even if people's Master Passwords are not truly random.

So what is transmitted as keying material is encrypted random data. I hope that this helps.

I'm glad I could help @chrisbrandhorst.

I think it is great that people are curios and are poking around trying to make sense of what they see in light of our documentation.

The underlying design is far more complicated than things appear on the surface. We really wish it didn't have to be that way, but proper security needs to use truly random keys, irrespective of the Master Password; so the relationship between your Master Password and how things are actually encrypted involves a number of steps.

As a consequence it makes documenting these things hard. We certainly don't want to conceal anything about the design. Indeed, the details of our data formats is documented in gory details. But it does mean that in the documents that we expect most people to look at, we have to provide shorter descriptions.

If you are curious about how we manage to design things so that "Nobody, not even us at AgileBits, ever sees those keys or your Master Password" take a look at Private by Design.