# envseal (library)
> Write-only secret vault with process-level access control — the core
> Rust library behind the [envseal](https://github.com/santhsecurity/envseal)
> CLI, MCP server, and desktop app.
`envseal` authenticates the *program* asking for a secret, not the user
running it. The plaintext exists in exactly two places: inside the
silicon that minted the master key (Secure Enclave / TPM 2.0 / Windows
DPAPI), and inside the descendant process you authorized at the
keyboard. Nowhere else.
## What's in this crate
- **Vault** — Argon2id passphrase + hardware-bound seal, AES-256-GCM with
per-secret AAD. `envseal::vault::Vault::store/decrypt/list/revoke`.
- **Policy & approval pipeline** — process whitelisting, GUI-gated
approval, sealed config integrity.
- **Guard** — startup audit, signal taxonomy, preexec leak detection.
- **Execution** — `inject` / `pipe` / `supervised` runners with
leak-detecting child supervision and optional sandbox tiers.
- **Audit log** — hash-chained, tamper-evident.
- **MCP / GUI integrations** — typed channel between the worker and
approval surface.
This crate is the library. For end-user workflows, see:
- [`envseal-cli`](https://crates.io/crates/envseal-cli) — `envseal` binary
- [`envseal-mcp`](https://crates.io/crates/envseal-mcp) — MCP server for AI agents
- [`envseal-gui`](https://crates.io/crates/envseal-gui) — pure-Rust native desktop app
## Status
Beta — actively hardening toward 1.0. See the
[main README](https://github.com/santhsecurity/envseal) for design notes,
threat model, and the security CTF.
## License
Dual-licensed under MIT OR Apache-2.0.