Learn how our architecture is designed to secure your secrets.
XSalsa20
and Poly1305
to encrypt and authenticate messages with secret-key cryptography.Curve25519
, XSalsa20
and Poly1305
to encrypt and authenticate messages. And this copy is stored on our servers.envs login
from the CLI installs your public-private key pair locally after decrypting it with your account password.envs init
in the project root directory, saves the project configuration in that directory along with installing your encrypted copy of the chosen organisation’s key.envs set KEY=value
from the CLI, their locally stored copy of the organisation’s key is first decrypted using their private key, then the secret value is encrypted with the decrypted key. This key-value pair is then uploaded on our servers.envs get KEY
, the encrypted secret value is downloaded from our servers and decrypted using the locally stored copy of organisation’s encryption key.