Secret firewall for developers
Your secrets are one paste away from a transcript. Keep them local.
Vardra is a native zero-knowledge secrets manager for developers using AI agents, CLIs, hooks, and local apps without turning live credentials into copied plaintext.
Value
[hidden on this screen] Safe preview
[REDACTED: POSTMARK_SERVER_API_TOKEN] The problem every developer recognizes
Secrets rarely leak because someone planned to leak them.
They leak because real work is messy: debugging, selecting, pasting, logging, scanning, and asking an AI agent for help at 8:50pm.
You highlight the wrong `.env` lines
A normal support or AI-debug moment turns a live token into permanent transcript history.
A hook prints the token it found
The guardrail works, but the output still exposes the credential everyone now has to rotate.
Ignored runtime files sit inside repo scope
Local OAuth and cloud tokens end up close enough to source that scans, logs, and agents trip over them.
One vault boundary
The same secret boundary across the places developers actually work.
Desktop vault
Keep live credentials out of chat
Search, edit, generate, recover, and resolve conflicts from a local-first desktop vault before any tool sees a value. macOS v0.1 target; Windows plannedBrowser fill
Fill only when the origin matches
Local extension bringup reads the active origin, shows matched credentials, and keeps TOTP in the same flow. Chrome, Firefox, Safari plannedMobile unlock
Approve sensitive actions on-device
Face ID, biometric unlock, pairing, and recovery flows keep user intent visible before secrets move. iOS and Android in developmentCLI access
Pull secrets without printing them
Developers get terminal access without a separate secret store, copied `.env`, or weaker plaintext workflow. macOS and Linux v0.1 target; Windows plannedTrust boundary
The account can move data. The vault keeps secrets out of the blast radius.
Vardra does not sell a vague promise to keep passwords safe. It gives developer workflows a harder boundary: local unlock, explicit reveal, encrypted sync, and no server-side vault key.
Read the security modelStore once
Credentials live in the vault instead of scattered across `.env`, shell history, notes, and AI prompts.
Unlock locally
The master password and device key derive the vault key on the current device before anything is revealed.
Inject deliberately
Use CLI and native flows to hand tools the specific secret they need instead of pasting whole files.
Rotate when exposed
When a credential does leak, the same source of truth makes cleanup and replacement explicit.
Pricing
Start with the personal vault before the next token gets pasted somewhere permanent.
Live now
Personal
- Authenticated encryption + Argon2id key derivation
- Encrypted cloud sync across your devices
- 1Password / CSV / KeePass import
- macOS app, Linux headless workflows, and planned native clients
- Optional Emergency Kit recovery
Private beta
Family
- Everything in Personal
- Up to 6 family members
- Shared family vaults
- Emergency access for trusted contacts
- Priority email support
Opening next
Teams
- Everything in Personal, per seat
- Shared team vaults
- Role-based vault access controls
- SSO integration
- Priority email support
Objections answered
What developers need to know before trusting a vault.
Is Vardra just another password manager?
No. Passwords are one use case. The sharper job is controlling how secrets enter developer tools, AI-agent sessions, terminals, and browsers without turning into copied plaintext.
Where do my secrets actually live?
The readable vault opens on your device. If sync is enabled, Vardra relays encrypted payloads that are useless without your local unlock material.
Can Vardra reset my master password?
No. That is the security boundary. Recovery has to come from material you control, not a support override that could open the vault.
Does this replace `.env` files?
For local development, that is the direction: keep canonical values in Vardra and inject only what a process needs. v0.1 starts with native vault and CLI/headless workflows; richer dev-tool guardrails graduate from there.
What happens if a device is lost?
Revoke that device from your account and continue from another paired device or your recovery material. A lost device does not give Vardra plaintext access.
Is this only a desktop app?
v0.1 starts with macOS and Linux headless workflows. Mobile unlock, browser autofill, Windows, and richer native clients stay on the same vault boundary as those surfaces graduate.
Launch path