Envault is a secure, modern vault application built with Next.js, Supabase, and Tailwind CSS. It provides a robust authentication system and a sleek user interface for storing and managing sensitive information.
- Bank-Grade Security: AES-256-GCM encryption with master/data key hierarchy and automatic key rotation.
- Project Workspaces: Organize secrets into distinct projects for better management.
- Team Collaboration: Secure project sharing with role-based access control (Owner, Editor, Viewer).
- Secure Authentication: Powered by Supabase Auth for robust user management.
- Modern UI/UX: Built with Tailwind CSS, Shadcn UI, and Framer Motion for a premium experience.
- Interactive 3D Elements: High-performance 3D visuals powered by React Three Fiber.
- Keyboard First: Navigate efficiently with fully customizable, conflict-free hotkeys.
- Responsive Design: Fully responsive layout that works seamlessly on desktop and mobile.
- Dark Mode Support: Built-in support for light and dark themes.
- CLI Support: Manage your secrets directly from your terminal.
- Real-time System Status: Monitor system health, active incidents, and historical uptime with a dedicated status page.
- Comprehensive Documentation: Integrated docs site with guides, API reference, and CLI documentation.
Envault comes with a high-performance Go CLI to manage your secrets without leaving your terminal.
macOS & Linux (Universal)
curl -fsSL https://raw.githubusercontent.com/DinanathDash/Envault/main/install.sh | shmacOS (Homebrew)
brew tap DinanathDash/envault
brew install envaultFor more details, check out the CLI Documentation.
Envault uses a hybrid encryption model to ensure maximum security:
- Master Key: A 32-byte key stored in environment variables, used solely to encrypt/decrypt Data Keys.
- Data Keys: Unique keys for encrypting actual data. These are stored encrypted in the database.
- Key Rotation: Data keys can be rotated. The active key is cached in Redis for high performance without compromising security.
- AES-256-GCM: Industry-standard authenticated encryption for all secrets.
- Framework: Next.js (App Router)
- Database & Auth: Supabase
- KV Store: Upstash Redis
- Documentation: Fumadocs
- Styling: Tailwind CSS
- UI Components: Shadcn UI / Radix UI
- 3D & Graphics: React Three Fiber / Three.js
- Animations: Framer Motion
- Icons: Lucide React
- State Management: Zustand
- Forms: React Hook Form + Zod
- Notifications: Sonner
- Analytics: Vercel Analytics
Follow these steps to get the project running locally.
- Node.js 18+ installed
- A Supabase project set up
-
Clone the repository
git clone https://github.com/dinanathdash/envault.git cd envault -
Install dependencies
npm install # or yarn install # or pnpm install # or bun install
-
Environment Setup
Copy the example environment file:
cp .env.example .env.local
Open
.env.localand add your Supabase credentials:NEXT_PUBLIC_SUPABASE_URL=your-project-url NEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key # Generate a secure key: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))" ENCRYPTION_KEY=your-64-char-hex-key SUPABASE_SERVICE_ROLE_KEY=your-service-role-key UPSTASH_REDIS_REST_URL=your-upstash-url UPSTASH_REDIS_REST_TOKEN=your-upstash-token
-
Run the development server
npm run dev
Open http://localhost:3000 with your browser to see the result.
We welcome contributions! Please see CONTRIBUTING.md for details on how to submit a pull request and our code of conduct.
This project is licensed under the MIT License - see the LICENSE file for details.