
JackC, today at 2:22 PM (1 reply)

I don't have a job where I need this, but I love the UI experimentation you're doing here -- "fast muscle memory folder-based encrypted snippets for devops" makes total sense as a different need than most password manager users, and I love it when people discover a way of interacting that clicks more with their brain.

I wonder if you could try a variation that keeps passwords in an existing password manager and just uses this as an alternate UI client -- for example with the 1Password SDK https://developer.1password.com/docs/sdks/desktop-app-integr... or this technique for KeePassXC https://pypi.org/project/keepassxc-proxy-client/. You could expose existing secrets under an "uncategorized" folder, and add a field like "sklad_folder": "foo/bar" to the secret if the user organizes them.

This way your crypto surface area narrows a lot -- you still need to do the integration securely and be thoughtful about any metadata you cache locally (maybe you don't need any!), but you barely touch actual secrets. And you can freeride on all the edge cases existing password managers handle -- recovery, autolock, sync etc. And you don't need to update passwords in two places. And the trust you're asking from users is less -- if I'm considering using your thing, I don't have to fret about all the little policy things you might have done differently from 1Password, I just have to check if you've made a secure frontend. And I can go partway, open up one vault to the frontend but not others, in a way I clearly understand. I'm paranoid and still wouldn't use a 3rd party client to my password manager, but for people who need this it seems like a much more attractive offer that way.
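A sketch of the "alternate UI client over an existing password manager" idea from this comment (and the "Bridge Mode" the author describes in the reply below), added here as an illustration and not code from Sklad or from either commenter. The client keeps only item ids, titles and the optional `sklad_folder` field in memory, builds the folder tree from that, and fetches a secret value from the backend only at the moment it is revealed. The backend is an in-memory stand-in constructed for the example; the `SecretBackend` protocol, `FakeBackend`, `FolderIndex` and the sample items are all assumptions, not the 1Password SDK or keepassxc-proxy-client API.

```python
"""Metadata-only folder index over an external secret store (illustrative)."""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Dict, List, Optional, Protocol

UNCATEGORIZED = "uncategorized"   # folder for items without the field
FOLDER_FIELD = "sklad_folder"     # field name proposed in the comment


@dataclass(frozen=True)
class ItemMeta:
    """What the frontend is allowed to cache: identity and placement, no value."""
    item_id: str
    title: str
    folder: str  # normalized "a/b/c"


class SecretBackend(Protocol):
    """Assumed minimal surface a password-manager bridge would need."""
    def list_items(self) -> List[Dict[str, str]]: ...
    def get_secret(self, item_id: str) -> str: ...


class FakeBackend:
    """Constructed stand-in for a password manager; values live here only."""
    def __init__(self, items: Dict[str, Dict[str, str]]):
        self._items = items

    def list_items(self) -> List[Dict[str, str]]:
        # A listing call returns metadata only, never the secret value.
        return [{k: v for k, v in it.items() if k != "value"} | {"id": iid}
                for iid, it in self._items.items()]

    def get_secret(self, item_id: str) -> str:
        return self._items[item_id]["value"]


def normalize_folder(raw: Optional[str]) -> str:
    """Turn a user-supplied path into clean "a/b" form; anything odd -> uncategorized."""
    if not raw:
        return UNCATEGORIZED
    parts = [p for p in raw.replace("\\", "/").split("/") if p and p != "."]
    if not parts or any(p == ".." for p in parts):   # reject parent traversal
        return UNCATEGORIZED
    return "/".join(parts)


@dataclass
class Folder:
    name: str
    subfolders: Dict[str, "Folder"] = field(default_factory=dict)
    items: List[ItemMeta] = field(default_factory=list)


class FolderIndex:
    """Navigation tree built from metadata; secret values are fetched on demand."""
    def __init__(self, backend: SecretBackend):
        self._backend = backend
        self.root = Folder(name="")
        self._by_path: Dict[str, ItemMeta] = {}

    def refresh(self) -> None:
        self.root, self._by_path = Folder(name=""), {}
        for raw in self._backend.list_items():
            meta = ItemMeta(item_id=raw["id"], title=raw.get("title", raw["id"]),
                            folder=normalize_folder(raw.get(FOLDER_FIELD)))
            node = self.root
            for part in meta.folder.split("/"):
                node = node.subfolders.setdefault(part, Folder(name=part))
            node.items.append(meta)
            self._by_path[f"{meta.folder}/{meta.title}"] = meta

    def folders(self) -> List[str]:
        out: List[str] = []
        def walk(node: Folder, prefix: str) -> None:
            for name, child in sorted(node.subfolders.items()):
                path = f"{prefix}/{name}" if prefix else name
                out.append(path)
                walk(child, path)
        walk(self.root, "")
        return out

    def titles_in(self, folder: str) -> List[str]:
        node: Optional[Folder] = self.root
        for part in normalize_folder(folder).split("/"):
            node = node.subfolders.get(part) if node else None
        return sorted(m.title for m in node.items) if node else []

    def reveal(self, path: str) -> str:
        """Ask the backend for the value now; the index keeps nothing afterwards."""
        return self._backend.get_secret(self._by_path[path].item_id)


# Constructed sample listing, including an item with no folder field and one
# with a path that fails normalization.
SAMPLE_ITEMS = {
    "it-001": {"title": "prod-db", FOLDER_FIELD: "infra/databases", "value": "pw-1"},
    "it-002": {"title": "staging-db", FOLDER_FIELD: "infra/databases", "value": "pw-2"},
    "it-003": {"title": "deploy-token", FOLDER_FIELD: "ci/", "value": "tok-3"},
    "it-004": {"title": "old-wifi", "value": "pw-4"},
    "it-005": {"title": "odd-path", FOLDER_FIELD: "../etc", "value": "pw-5"},
}


def build_demo() -> FolderIndex:
    idx = FolderIndex(FakeBackend(SAMPLE_ITEMS))
    idx.refresh()
    return idx


if __name__ == "__main__":
    demo = build_demo()
    print(demo.folders())                    # tree derived from metadata only
    print(demo.titles_in("infra/databases"))
    print(demo.reveal("infra/databases/prod-db"))
```

The only place a secret value ever appears on the client side is the return value of `reveal`, which is exactly the "barely touch actual secrets" property the comment argues for; everything the tray UI needs for navigation comes from `list_items`, so the cached state is titles and paths.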


Replies

rench321, today at 2:48 PM

This is an incredible suggestion. Transitioning Sklad into a "UI-client-as-a-bridge" for established password managers is a fantastic idea for a v2 or a plugin-based architecture.

The point about narrowing the "crypto surface area" is especially sharp. By leveraging the 1Password SDK or KeePassXC-proxy, Sklad could focus entirely on the navigation UX while delegating the heavy lifting of security, sync, and recovery to battle-tested giants.

For the initial launch, I opted for a standalone approach for a few reasons:

1. Zero Dependencies: I wanted a tool that works "out of the box" for developers who might not use a specific password manager or want to keep their CLI/DevOps snippets entirely isolated from their main vault.
2. The "Warehouse" Vibe: Keeping it local-only and standalone fits the "industrial warehouse" aesthetic—you own the file, you own the key, no external APIs involved.
3. Simplicity: As a first step, building a "sovereign" vault was easier to reason about architecturally before diving into complex SDK integrations.

However, I am now seriously considering a "Bridge Mode" where Sklad could act as a fast-access frontend for 1Password/KeePassXC. It would be the best of both worlds: industry-standard security with a "muscle memory" tray interface.

Thank you for this—it’s given me a very clear roadmap for where this could go next!