Vault Encryption

Env Vault uses a hybrid encryption scheme to combine the speed of symmetric encryption with the identity-based security of RSA-OAEP. All cryptographic operations are performed locally using the Node.js crypto module.

The Hybrid Encryption Scheme

The vault architecture ensures that sensitive .env data is never stored in plain text, and it uses a tiered system to manage access for multiple collaborators.

Tier 1: Symmetric Payload Encryption (AES-GCM)

The raw .env data is encrypted using AES-256-GCM. This provides both confidentiality and a built-in authentication tag, so any tampering with the ciphertext is detected at decryption time.

  • Vault Key: A unique, random 32-byte (256-bit) key generated during the lock process.
  • IV (Initialization Vector): A random 16-byte buffer generated via crypto.randomBytes(16) for every encryption cycle to ensure ciphertext uniqueness.

Tier 2: Asymmetric Key Wrapping (RSA-OAEP)

The AES Vault Key is not stored in plain text. Instead, it is "wrapped" (encrypted) for each authorized SSH identity.

  • Algorithm: RSA-OAEP with a SHA-256 hash.
  • The members schema: The .env.vault file maintains a members list. Each entry contains the AES Vault Key wrapped specifically for one member's public SSH key.

Decryption Lifecycle (The run Command)

When executing run, the CLI performs the following operations in-memory:

  1. Identity Resolution: Locates the private key (defaulting to ~/.ssh/id_rsa).
  2. Unwrapping: Uses the private key to unwrap the AES Vault Key associated with your identity in the members list.
  3. Payload Decryption: Uses the unwrapped AES key and the stored IV to decrypt the .env payload.
  4. Process Injection: Decrypted variables are injected into the child process environment. No plain-text secrets ever touch the disk.

Security Standards

Layer      Algorithm      Implementation
Payload    AES-256-GCM    crypto.createCipheriv
Key Wrap   RSA-OAEP       crypto.privateDecrypt (SHA-256)
Entropy    HMAC-DRBG      crypto.randomBytes

Env Vault relies on the security of your local filesystem. If your ~/.ssh/id_rsa is not protected by a passphrase, any process or user with read access to your SSH directory can unlock the vault.