Security
How Env Butler protects your secrets — and what it explicitly does not do.
Zero-Knowledge Model
Your Master Key never leaves your machine. It is never stored on disk, never transmitted over the network, and only held in memory during encryption/decryption. Supabase stores only encrypted blobs it cannot read.
What this means:
- If someone accesses your Supabase database, they get encrypted blobs — useless without your Master Key
- If you lose your Master Key, nobody can recover your data — not even us (use your Recovery Kit)
- There is no "forgot password" flow. Your 24-word Recovery Kit is your only backup.
Encryption
Every push produces a fresh encrypted blob with unique salt and nonce:
    [salt: 16 bytes] [nonce: 12 bytes] [ciphertext: variable]

    Salt   → random per encryption, fed to Argon2id for key derivation
    Nonce  → random per encryption, used by AES-256-GCM
    Cipher → AES-256-GCM encrypted zip archive
AES-256-GCM
Authenticated encryption — any tampering with the ciphertext is detected on decryption. 256-bit key, widely trusted by governments and security standards.
Argon2id
Memory-hard key derivation function. Resistant to GPU and ASIC brute-force attacks. Winner of the Password Hashing Competition.
Surgical Butler: 3-Layer Safety
Prevents you from accidentally syncing files that should never be in a vault.
Layer 1 — Allowlist
Only scans files matching .env, .env.local, .env.development, .env.production, .env.staging, and similar patterns. Everything else is ignored.
Layer 2 — Content Fingerprint
Inspects file contents. Blocks SSH private keys, certificates, binary files, and any file larger than 50KB. Files with embedded private keys in values (e.g., PRIVATE_KEY="...") are allowed with a warning.
Layer 3 — Push Preview
Non-skippable modal before every push. Shows every file that will be synced, variable counts, and highlights potentially sensitive keys. You must explicitly confirm.
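The Layer 1 and Layer 2 checks above, plus the rows a push preview would list, sketched as an added Python example; it is not Env Butler's own code. The filename pattern, the PEM-marker and NUL-byte tests, reading 50KB as 50 × 1024 bytes, and the names `classify` and `push_preview` are assumptions.

```python
# Added example, not Env Butler's code: the detection rules below are assumed
# heuristics (filename regex, PEM "BEGIN" markers, NUL byte means binary).
import re

MAX_SIZE = 50 * 1024  # the page's 50KB limit, read here as 50 * 1024 bytes
ALLOWED_NAME = re.compile(r"\.env(\.[A-Za-z0-9_-]+)?")  # .env, .env.local, ...
PEM_BLOCK = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----")
ASSIGNMENT = re.compile(rb"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=")


def classify(name: str, data: bytes) -> tuple[str, str]:
    """Return (verdict, reason); verdict is 'ignore', 'block', 'warn' or 'allow'."""
    if not ALLOWED_NAME.fullmatch(name):
        return "ignore", "not on the .env allowlist"  # Layer 1
    if len(data) > MAX_SIZE:
        return "block", "larger than 50KB"  # Layer 2 from here on
    if b"\x00" in data:
        return "block", "binary content"
    verdict = ("allow", "ok")
    for line in data.splitlines():
        pem = PEM_BLOCK.search(line)
        label = pem.group(1) if pem else b""
        in_value = ASSIGNMENT.match(line) is not None
        if b"PRIVATE KEY" in label and in_value:
            verdict = ("warn", "private key embedded in a value")
        elif b"PRIVATE KEY" in label:
            return "block", "bare private key"
        elif b"CERTIFICATE" in label and not in_value:
            return "block", "certificate"
    return verdict


def push_preview(files: dict[str, bytes]) -> list[dict]:
    """Rows for the Layer 3 preview: each file that would sync, with a variable count."""
    rows = []
    for name, data in sorted(files.items()):
        verdict, reason = classify(name, data)
        if verdict in ("allow", "warn"):
            count = sum(1 for line in data.splitlines() if ASSIGNMENT.match(line))
            rows.append({"file": name, "variables": count, "note": reason})
    return rows


SAMPLES = {  # constructed inputs, no real key material
    ".env": b"DB_URL=postgres://localhost/app\nexport API_TOKEN=constructed\n",
    ".env.local": b'PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\\n(constructed)"\n',
    ".env.staging": b"-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed)\n",
}
```

Calling `push_preview(SAMPLES)` lists `.env` and `.env.local` (the latter with its warning) and leaves out `.env.staging`, whose content is a bare SSH private key.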
BIP39 Mnemonic as Master Key
Your Master Key is a 24-word mnemonic generated using the BIP39 standard — the same standard used by Bitcoin and Ethereum wallets. The mnemonic IS the key — there is no separate password.
- Deterministic — the same 24 words always produce the same encryption key
- Save it offline (printed paper, password manager, safe deposit box)
- Never share it — anyone with your 24 words has full access to your vault
- Enter your mnemonic when pushing or pulling — it is never stored on disk
Build Verification
Every release is built on GitHub Actions — publicly. No local builds, no mystery binaries.
- Go to Actions and find the release build for your version
- Open the build log and find the SHA-256 hash for your file
- Compare with checksums.txt on the Release page

    # macOS
    shasum -a 256 Env-Butler_*.dmg

    # Windows (PowerShell)
    Get-FileHash Env-Butler_*.exe -Algorithm SHA256
Threat Model
| Threat | Mitigation |
|---|---|
| Supabase breach | Attacker gets encrypted blobs — unusable without Master Key |
| Master Key theft | Key is never stored on disk. 24-word mnemonic entered only when needed. |
| Brute-force | Argon2id makes each guess expensive (memory + CPU bound) |
| Ciphertext tampering | AES-256-GCM detects any modification on decryption |
| Accidental secret sync | Surgical Butler blocks SSH keys, certs, binaries before upload |
| Malicious binary | All builds are public on GitHub Actions with SHA-256 checksums |