Keyline is built in the open
"We can't read your secrets" is only worth something if you can check it. So the design docs, the compliance homework, and even the launch plan are public. This page is the map.
Verify the security claims
- Security posture: what our servers hold, the primitives, how to report a vulnerability.
- Encryption design: the full scheme, key hierarchy, threat model, and known trade-offs.
- Public audit anchors: every workspace's audit chain head, witnessed daily. If we rewrote history, this repo would prove it.
- The source: the entire product, tests included.
The operational homework, public too
- SOC 2 readiness program: a gap assessment that names what a one-person company honestly cannot have yet, and seven policies that describe real practice.
- External review packet: prepared and waiting for the independent reviewer; the engagement status is stated honestly on the security page.
- The launch runbook: yes, even the go-live checklist and the announcement plan are in the repo.
Why publish all this
Trust in a secrets manager cannot come from a landing page adjective. It comes from documents you can read, code you can run, and public records that would expose us if we cheated. A company of one cannot offer a compliance department. It can offer receipts.
Two minutes to the first encrypted push
$ curl -fsSL keyline.sh/install | sh
Solo is free forever. Team is $19 flat for up to 10 people, 14-day trial.
See the whole journeyNo card for Solo. Your secrets are encrypted before they leave your laptop.