Scync: Your Secrets. Synced. Encrypted. Everywhere.

Scync is an open-source, zero-knowledge, cross-platform secrets manager built specifically for individual developers. If you are tired of losing track of API keys, burying AWS credentials in a Notion document titled "stuff," or scattering SSH keys across multiple machines, Scync is the missing tool in your workflow. It acts as a calm, organized, and mathematically secure vault for all your developer credentials.

The Problem It Solves

Managing developer secrets as an individual is a fundamentally broken experience. You are usually forced to choose between two bad extremes:

1. The Wrong Tools: Using standard password managers (like 1Password or Bitwarden) that are built for website logins, lacking the metadata, multi-line support, and rotation tracking needed for API keys.

2. The Overkill Tools: Adopting heavy, team-focused CI/CD enterprise solutions (like Doppler or Vault) that require extensive setup just to store a simple token.

3. The Unsecure Habit: Giving up and pasting plaintext secrets into Notion, Apple Notes, or Slack DMs where they are entirely unencrypted and vulnerable.

There hasn't been a personal-first, zero-knowledge tool that is actually pleasant to use—until now. Scync is built around a ruthlessly efficient core loop: Unlock vault → Find secret → Copy value. Everything else is optimized to make that loop lightning-fast.

Key Features

• Purpose-Built for Developers: Tailored UX for API keys, PATs, OAuth secrets, multi-line recovery codes, SSH passphrases, and SSL/TLS certificates.

• Project-Based Organization: Secrets live inside projects, matching how you actually structure your work, rather than sitting in a chaotic, flat list.

• .env & SSH Integration: Seamless drag-and-drop .env file import/export. Generate local RSA/Ed25519 SSH keys and automatically map them to your ~/.ssh/config.

• Expiry & Rotation Dashboard: Proactively tracks key lifecycles so you know exactly what is expiring in 30 days or what hasn't been rotated in over a year.

• Built-in 2FA & Recovery: Native zero-knowledge sync for authenticator codes with real-time countdowns, alongside specialized tracking for remaining recovery codes.

• Zero-Knowledge Sharing: Safely share secrets with clients or peers via encrypted links. The decryption key lives in the URL fragment, meaning the server never sees the plaintext. You can also set view limits and expiration times.

• Native Speed & Biometrics: An installable PWA for desktop and mobile featuring in-memory instant search, one-click masked copying, and WebAuthn hardware-backed biometric unlock (FaceID/TouchID).

Architecturally Secure

Scync is fundamentally built on a Zero-Knowledge Architecture. Your plaintext data never leaves your device. Data is encrypted end-to-end using AES-256-GCM before it ever reaches the backend, which only stores unreadable encrypted blobs. Your vault password is computationally isolated, meaning even in the event of a total server breach, your secrets remain entirely secure.

What Scync Is Not

To keep the tool incredibly fast and focused, Scync purposefully ignores feature bloat. It is not a browser autofill extension, a team-based RBAC tool, or an automated CI/CD injector.

It is a strictly personal, highly opinionated, MIT-licensed tool designed to do one thing perfectly: give solo developers a secure, instantaneous way to manage their workflows. There are no enterprise tiers, no paywalls, and no subscriptions.

Scync is the tool that should have existed the moment you first pasted an API key into a plain text file.