I built Enveil because I kept seeing the same security problem on every team I worked on: .env files committed by accident, shared over Slack, or copied between machines with no control over who has what.
Enveil stores environment variables in a SQLCipher-encrypted vault and injects them directly into your process at runtime via syscall.Exec. No .env file is ever created — secrets never touch disk as plaintext.
For teams it includes a self-hosted server. One developer pushes the secrets once with `enveil server push`, everyone else connects and runs their apps normally without ever having a .env file on their machine. Values are encrypted on the client before being sent — the server never sees plaintext.
A few technical decisions worth discussing:
- SQLCipher over application-level encryption so the entire database is encrypted, including table names and variable names
- Argon2id for key derivation (64MB memory, 4 threads)
- AES-GCM for transport encryption
- Daemon that holds the master key over a Unix socket so you type your password once per session
- Pre-commit hook with Shannon entropy analysis to catch secrets before they reach version control
It is MIT licensed and still early. I would genuinely love to hear suggestions, criticism, and ideas from this community — there is a lot I want to improve and outside perspective would help a lot.
I built Enveil because I kept seeing the same security problem on every team I worked on: .env files committed by accident, shared over Slack, or copied between machines with no control over who has what.
Enveil stores environment variables in a SQLCipher-encrypted vault and injects them directly into your process at runtime via syscall.Exec. No .env file is ever created — secrets never touch disk as plaintext.
For teams it includes a self-hosted server. One developer pushes the secrets once with `enveil server push`, everyone else connects and runs their apps normally without ever having a .env file on their machine. Values are encrypted on the client before being sent — the server never sees plaintext.
A few technical decisions worth discussing:
- SQLCipher over application-level encryption so the entire database is encrypted, including table names and variable names - Argon2id for key derivation (64MB memory, 4 threads) - AES-GCM for transport encryption - Daemon that holds the master key over a Unix socket so you type your password once per session - Pre-commit hook with Shannon entropy analysis to catch secrets before they reach version control
https://github.com/MaximoCoder/Enveil
It is MIT licensed and still early. I would genuinely love to hear suggestions, criticism, and ideas from this community — there is a lot I want to improve and outside perspective would help a lot.