at rest
stillvault
Nothing moves until a human says so.
the problem
Your server or your secret vendor can decrypt.
app-prod-01 · disk at rest
prod/db-primary = postgres://u:hunter2@…
prod/stripe-key = sk_live_51M…q0Z
root@app-prod-01:~# cat .env
today's tools share one flaw
They all still hold your key.
plaintext file
root reads your secrets
pass / gpg-agent
your key is cached on the box
Vault / Doppler
their cloud holds your key
push-MFA
your server still decrypts
What if nothing moved until you said so?
sealed at rest
Still. Dark. Sealed.
prod/db-primary
sealed · only ciphertext on disk
your agent needs the credential
claude@app-prod-01 → release prod/db-primary
cryptographically bound to your org
prod/db-primary bound · org=acme · cannot be spoofed or redirected
your approver, behind a biometric
First approver wins.
release request
prod/db-primary
→ claude@app-prod-01
Countersign
prod/db-primary
countersigned · key never left the phone
our service in the middle
We relay a result we cannot read.
stillvault cloud █████████████ ciphertext · no key here, ever
delivered for one use
prod/db-primary lease 15m
lease expired · forgotten · sealed again
No secret leaves the vault without a named human approving it.
stillvault
stillvault.ai