Dotenvx Armor ⛨

ARMORED KEYS ⛨

Private keys. Off device. Under guard.

Coming soon

Armor up in one command.

One command to harden your private keys.

$ dotenvx armor up

⛨ armored (03C 969)

Keys move off-device.

No longer in .env.keys. Harder to leak. Harder to steal.

Grant decryption, not possession.

Private keys are retrieved only when an authorized workflow needs them. They are used in memory, then gone. Developers, CI, and agents can decrypt without keeping long-lived private keys on disk.

Actor Request Custody

developer decrypt local workflow memory only

github-ci decrypt deploy memory only

agent decrypt scoped task memory only

.env.keys not written to disk none

Armored.
Under guard.

Create Account Contact Us

ARMORED KEYS ⛨

Armor up in one command.

Keys move off-device.

Grant decryption, not possession.

Armored.Under guard.

Armored.
Under guard.