
Crate envseal


envseal — sudo can’t read your keys.

Write-only secret vault with process-level access control, out-of-band GUI approval, and a master key that is sealed to the physical device. Built for a world where AI agents have full shell access to developer machines.

Security Architecture

  • Passphrase-protected master key: Argon2id KDF, GUI-only entry.
  • Hardware-sealed master key (vault::hardware): outer wrap by Windows DPAPI, macOS Secure Enclave, or Linux TPM 2.0. A copy of master.key does not decrypt on any other machine.
  • Memory hardening: memfd_secret on Linux 5.14+, mlock + prctl(PR_SET_DUMPABLE, 0) everywhere else, VirtualLock on Windows, zeroize on drop.
  • Environment sanitization: LD_PRELOAD/LD_AUDIT/PYTHONPATH/NODE_OPTIONS detection at every boundary.
  • Binary integrity (policy::rules): SHA-256 hash verification before injection, argv-fingerprint binding so an Allow Always for wrangler deploy doesn’t extend to wrangler --shell evil.
  • Policy signing: HMAC-SHA256 tamper detection on policy.toml.
  • Sandbox tiers (sandbox): None / Hardened / Lockdown across Linux namespaces, macOS SBPL, Windows Job Objects (the latter via pre-spawn CREATE_SUSPENDED + NtResumeProcess so the child is born inside the job).
  • Out-of-band approval (gui): GUI popup or paired-device relay; relay-required mode fails closed if relay is unavailable.
  • Developer-migration UX (migration): preexec hooks for bash/zsh/fish, shell-history scanner, drop-in compatibility shims for op / doppler / vault CLI surfaces.
  • Zero CLI surface: secrets never appear in CLI args or shell history.

Re-exports

pub use config as security_config;
pub use config::totp;
pub use execution::inject;
pub use execution::supervised as supervisor;
pub use file as envseal_file;
pub use gui::relay;
pub use vault::health as secret_health;
pub use vault::keychain;

Modules

audit
Audit log — append-only record of all secret access events.
config
Persistent configuration — security tiers, detection→policy overrides, on-disk persistence, and second-factor (TOTP) state.
error
Error types for envseal.
execution
Execution modes — every path through which a decrypted secret reaches a child process.
file
.envseal file format — drop-in .env replacement.
guard
Runtime security guards.
gui
Cross-platform GUI dialog orchestration — the user-facing security boundary.
migration
Developer-migration tooling — make switching to envseal cheaper than continuing to paste secrets.
ops
High-level operations — the unified API for all envseal consumers.
policy
Whitelist policy management with integrity verification.
sandbox
Process sandbox — OS-level isolation expressed as an abstract tier.
vault
Vault — encrypted secret storage and master-key lifecycle.

Macros

envseal_file
Expands to the file name in which it was invoked.