Local-first developer secrets vault with double-layer encryption
Coffre-fort local pour secrets de dΓ©veloppeurs avec double encryption
π¬π§ English Documentation Complete documentation in English |
π«π· Documentation FranΓ§aise Documentation complΓ¨te en franΓ§ais |
- π English Documentation | Documentation FranΓ§aise
- ποΈ Architecture Guide
- πΊοΈ Development Roadmap | Feuille de Route
- π Templates & Plugins
- π€ Contributing Guidelines
- π Security Policy
- π Report Issue
- π¬ Discussions
SilentKey is a professional, local-first secrets vault designed specifically for developers who need to securely manage API keys, tokens, credentials, SSH keys, and sensitive data. Built with SwiftUI, it runs natively on both iOS and macOS with no cloud dependency, no telemetry, and complete transparency.
- Double-Layer Encryption: AES-256-GCM + ChaCha20-Poly1305 for maximum security
- Local-First Architecture: All data stays on your device, no cloud sync required
- Cross-Platform: Native SwiftUI app for iOS 16+ and macOS 13+
- Biometric Authentication: Touch ID / Face ID integration
- Developer-Focused: Optimized for API keys, tokens, credentials, SSH keys, database connections
- Zero Telemetry: No tracking, no analytics, no data collection
- Modern UI: Professional, clean interface with dark mode support
- Export/Import: Encrypted backup and restore functionality
- Project Management: Link secrets to projects with multiple relations
- Smart Trash: 30-day retention with automatic conflict resolution
- Push Notifications: Native macOS alerts for security events
- Apple Intelligence: On-device AI for smart suggestions (macOS 15+)
- HaveIBeenPwned: Automatic password breach detection
Encryption Layers:
- Layer 1 - Field Level: AES-256-GCM for individual secret fields
- Layer 2 - Container: ChaCha20-Poly1305 for the entire vault
- Key Derivation: Argon2id for master key generation
Security Principles:
- Zero plaintext storage on disk
- RAM-only decryption with automatic cleanup
- Sandboxed macOS environment
- Code signing and notarization (macOS 10.15+)
- OWASP compliance
- API Keys (REST, GraphQL, OAuth, JWT, Bearer)
- SSH Keys (RSA, ED25519, ECDSA, DSA)
- Database Credentials (PostgreSQL, MySQL, MongoDB, Redis)
- Cloud Provider Credentials (AWS, Azure, GCP, DigitalOcean)
- Banking Information (encrypted account details)
- Credit Cards (encrypted)
- Secure Notes
- Certificates (SSL/TLS)
- License Keys
- Custom Types (extensible via plugins)
git clone https://github.com/ThePhoenixAgency/SilentKey.git
cd SilentKey
open SilentKey.xcodeproj- Select your target (iOS or macOS)
- Build and run (Cmd+R)
SilentKey/
βββ SilentKeyApp/ # Main app entry
βββ Core/ # Core infrastructure
β βββ Crypto/ # Encryption modules
β βββ Models/ # Data models
β βββ Security/ # Security utilities
β βββ Errors/ # Error handling
βββ Features/ # Feature modules
β βββ Secrets/ # Secret management
β βββ ApiKeys/ # API key handling
β βββ Tokens/ # Token management
β βββ Credentials/ # Credentials
β βββ SSH/ # SSH key manager
β βββ Backup/ # Export/import
β βββ Settings/ # App settings
β βββ QuickSearch/ # Global search
βββ Infrastructure/ # Infrastructure
β βββ Persistence/ # Local storage
β βββ Keychain/ # Keychain integration
β βββ Biometrics/ # Face ID / Touch ID
βββ UI/ # Shared UI components
βββ Docs/ # Documentation
βββ en/ # English docs
βββ fr/ # French docs
- Secure vault for all developer secrets
- Field-level encryption
- Import/Export encrypted backups
- Biometric unlock (Touch ID / Face ID)
- Auto-fill support (macOS)
- Quick search (Cmd+K)
- Dark mode
- Multiple vaults
- Team sharing (E2E encrypted)
- Password generator
- Import from .env files
- Export to various formats
Contributions are welcome! Please read CONTRIBUTING.md for guidelines.
For security vulnerabilities, please open a private security advisory on GitHub or submit an issue.
Commercial License - see LICENSE for details.
For support requests:
- Submit an issue on GitHub: https://github.com/ThePhoenixAgency/SilentKey/issues
- Use the in-app support form (coming soon)
