Objective
Make key compromise and accidental data loss significantly harder while keeping recovery practical for operators.
Local-first custody requires durable recovery and strict key isolation defaults.
Objective
Make key compromise and accidental data loss significantly harder while keeping recovery practical for operators.
Secrets are generated and stored locally with encryption at rest. Sensitive artifacts remain outside UI logs and telemetry by default.
Optional hardware wallet integration can be layered for signing-critical flows.
Backup bundles include keys, ledger snapshots, chain data, agent state, and receipts under password-protected encryption.
Restore paths are designed for full environment recovery on a new machine without replay gaps.
Safety defaults include fail-closed execution, explicit permission boundaries, and mandatory signature verification on receipt validation.
Production operators should layer host hardening, secret rotation, and incident runbooks around the runtime.
Continue exploring