End-to-end encrypted secret sharing

Stop sharing API keys
on chat.

One vault for your team's credentials. Encrypted in your browser before Firebase ever sees a byte — even we can't read them.

No credit card. Whitelisted Google accounts only.

acme-prod unlocked
  • DATABASE_URL••••••••••••••••
  • STRIPE_SECRET_KEYsk_live_•••••2qZ
  • OPENAI_API_KEY••••••••••••••••
  • JWT_SIGNING_SECRET••••••••••••••••
4 secrets · 3 membersaes-gcm-256

AES-GCM 256

Encrypted client-side with a Master Key derived via PBKDF2-SHA256 (250k iterations). The key never leaves your browser.

Zero-trust storage

Firestore stores nothing but ciphertext. Even a server compromise reveals no plaintext credentials.

Team-ready

Project-scoped sharing. Add teammates by email and share the Master Key out-of-band.

.env import / export

Drop in a .env file, resolve conflicts row-by-row, and export properly-quoted files in one click.

Keyboard-first

Press / to search, N to add. Inline edit, copy, reveal — three clicks to a credential.

Email whitelist

Google OAuth restricted to your allow-listed accounts. Nobody else can even attempt sign-in.