APxAI Vault

Your secrets, encrypted,
across every project.

Paste your keys once. Run any program — any language, any terminal — with secrets injected straight into its memory. No plaintext .env on disk. Ever. The Doppler/Infisical experience, self-hosted, free, and yours.

AES-256-GCM · per-secret HKDF keys · master key in OS keychain · zero plaintext on disk · zero dependencies
  • 256-bit: AES-GCM, NSA TOP-SECRET grade
  • 0: plaintext keys on disk
  • apps linked to one vault
  • 1 cmd: setup — nothing to memorize

The problem

.env is the convenient way — not the safe way.

A .env is plaintext on your disk that anything can read, and that gets committed to git by accident every single day — the #1 cause of leaked credentials on the planet. The Vault is strictly stronger on every axis.

                  plain .env           APxAI Vault
  At rest         plaintext            AES-256-GCM ciphertext
  Master key      — none —             OS keychain, hardware-backed
  Commit to git   one git add away     pre-commit guard blocks it
  Per-secret keys one file, one fate   unique HKDF key per secret
  Tamper / swap   undetectable         name-bound (AAD)
  Many apps       a .env per repo      one vault, ∞ linked apps

60-second start

Paste once. Run anything.

No master key to invent or type — vault init generates one and locks it in your OS keychain.

# install — needs Node 18+
curl -fsSL https://www.apxai.co/install.sh | sh

vault init # 256-bit key → your keychain. nothing to remember.
echo 'sk-...' | vault set OPENAI_API_KEY
vault list # your key NAMES (never values)
vault run -- node server.js # secrets injected — no .env needed

Secrets live only in that process's memory, for its lifetime — never on disk, never in shell history, never in git. Works the same for python app.py, rails s, go run, docker compose.

The .env world

Link your whole stack to one vault.

Each app declares what it needs in a tiny .vault.json — just key names, safe to commit. Namespaces keep two apps' DATABASE_URL from ever colliding.

vault import --prefix irongram ~/code/irongram/.env
vault link irongram ~/code/irongram --from irongram
vault run --project irongram -- npm start

🌐 .env world — linked softwares
  apxai          8 scoped     ~/code/APxAI
  cai-news      4 scoped     ~/code/cai-news
  irongram     15 scoped    ~/code/irongram

How it's secured — the honest version

Real cryptography. No theater.

🔒 AES-256-GCM

Every value is sealed with authenticated encryption approved for TOP SECRET. Tampering is detected outright: a modified ciphertext fails authentication instead of decrypting to garbage.

🗝️ A key per secret

HKDF-SHA256 derives a unique key for every secret from a scrypt-hardened root. One key never guards two secrets.

🏷️ Identity-bound

Each secret's name is mixed in as AAD — so no one can transplant your STRIPE_TEST ciphertext into your STRIPE_LIVE slot.

🛡️ Master key never on disk

Generated 256-bit and stored in your OS keychain (Secure Enclave on Apple silicon). Steal the vault file → you get useless ciphertext.

What it does NOT do (so you're never surprised): vault run doesn't sandbox the program you hand secrets to — that program can read the env you give it. That's the point. Scope each .vault.json to only what its app needs. Like all encryption, security reduces to protecting the master key — which is exactly why it lives in your keychain, not your hands.
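
The per-secret keys and name binding described above, as an added Node example. This is not APxAI Vault's source: the scrypt parameters, the "secret:" HKDF label, the record layout and all sample values are assumptions made for illustration.

```javascript
// Added illustration, not APxAI Vault's source. KDF parameters, the "secret:"
// info label and the record layout {iv, ct, tag} are assumptions.
const crypto = require('node:crypto');

// Root key: scrypt over the master key (salt and cost values are assumed).
function deriveRoot(masterKey, salt) {
  return crypto.scryptSync(masterKey, salt, 32, { N: 16384, r: 8, p: 1 });
}

// Per-secret key: HKDF-SHA256 of the root, with the secret name as context.
function secretKey(root, name) {
  return Buffer.from(crypto.hkdfSync('sha256', root, Buffer.alloc(0), `secret:${name}`, 32));
}

// Encrypt under `key`, binding the secret's name as AAD.
function seal(key, name, value) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce per encryption
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(name, 'utf8'));
  const ct = Buffer.concat([c.update(value, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

// Decrypt; returns null if decryption or GCM tag verification fails.
function unseal(key, name, rec) {
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', key, rec.iv);
    d.setAAD(Buffer.from(name, 'utf8'));
    d.setAuthTag(rec.tag);
    return Buffer.concat([d.update(rec.ct), d.final()]).toString('utf8');
  } catch { return null; }
}

// Constructed sample data: random master key, made-up secret value.
function demo() {
  const root = deriveRoot(crypto.randomBytes(32), crypto.randomBytes(16));
  const kTest = secretKey(root, 'STRIPE_TEST');
  const kLive = secretKey(root, 'STRIPE_LIVE');
  const rec = seal(kTest, 'STRIPE_TEST', 'constructed-test-value');
  const flipped = { ...rec, ct: Buffer.from(rec.ct) };
  flipped.ct[0] ^= 1; // single-bit change to the stored ciphertext
  return {
    roundTrip: unseal(kTest, 'STRIPE_TEST', rec),
    distinctKeys: !kTest.equals(kLive),
    transplant: unseal(kLive, 'STRIPE_LIVE', rec), // record moved to the other slot
    aadOnly: unseal(kTest, 'STRIPE_LIVE', rec),    // right key, wrong name
    tampered: unseal(kTest, 'STRIPE_TEST', flipped),
  };
}
```

The `aadOnly` case isolates the name binding: even with the correct per-secret key, a record presented under a different name fails authentication.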

Pricing

Free forever, solo. $1/mo for teams.

Doppler charges per seat for exactly this. The CLI and your local vault are free and self-hosted — always.

Solo / CLI
$0 / forever
  • Full CLI: init, set, run, link
  • Unlimited secrets · up to 3 linked apps
  • OS-keychain master key
  • Pre-commit secret guard
  • Self-hosted, zero deps

Pro
$1 / mo
  • Everything in Solo
  • Unlimited linked apps
  • Secret rotation + rollback
  • Offline verification · renews while subscribed
  • Your secrets still never leave your machine

Self-host Pro
free / OSS
  • Run the Hub on your own box
  • Bring your own keychain / KMS
  • No per-seat fee, ever
  • MIT-spirited, your data only