Safe
Safe Desktop
How the planned Safe desktop app manages vaults, connector setup, reveal controls, and local audit review.
Safe Desktop
The Safe desktop app is the local control surface for vaults, connector setup, reveal workflows, and audit metadata.
Suggested local ports:
Safe web app: http://localhost:4360
Safe API: http://localhost:4361
Views
- Safe index grouped by account.
- Safe detail for
account/safe. - 1Password connector setup.
- Persist adapter setup with alpha acknowledgement.
- Local vault lock and unlock.
- Inline encrypted envelope builder.
- Scan findings and migration suggestions.
- Metadata-only audit timeline.
- Sharing stub panel.
Reveal behavior
Secret values are hidden by default. Reveal mode must:
- Require an explicit reveal action.
- Show a countdown.
- Record a metadata-only audit event.
- Clear the value on timeout, blur, route change, or vault lock.
- Keep copy reference separate from copy value.
Native responsibilities
The desktop backend may use a Rust crate for native keychain access, file locking, Tauri commands, local vault process isolation, and future secure enclave or keyring integrations.
Sharing stub
Sharing is reserved for a future Cuitty Auth grants integration. v0 can preview draft metadata, but it must not send invites, create cross-user decrypt grants, or expose invite links.