{
  "slug": "safe/persist-adapter",
  "title": "Persist Adapter",
  "description": "Configure the alpha Cuitty Persist adapter for Safe records with mandatory E2EE guardrails.",
  "url": "https://cuitty.com/docs/safe/persist-adapter",
  "markdown_url": "https://cuitty.com/docs/safe/persist-adapter.md",
  "json_url": "https://cuitty.com/docs/safe/persist-adapter.json",
  "frontmatter": {
    "title": "Persist Adapter",
    "description": "Configure the alpha Cuitty Persist adapter for Safe records with mandatory E2EE guardrails.",
    "order": 5,
    "section": "Safe",
    "updatedAt": "2026-06-09"
  },
  "headings": [
    {
      "depth": 1,
      "slug": "persist-adapter",
      "text": "Persist Adapter"
    },
    {
      "depth": 2,
      "slug": "configuration",
      "text": "Configuration"
    },
    {
      "depth": 2,
      "slug": "guardrails",
      "text": "Guardrails"
    },
    {
      "depth": 2,
      "slug": "record-shape",
      "text": "Record shape"
    }
  ],
  "body_markdown": "# Persist Adapter\n\nThe Persist adapter stores Safe records in Cuitty Persist's `secret` storage class with end-to-end encryption.\n\n> Alpha caveat: Cuitty Safe's Persist adapter is alpha until Persist's E2EE profile runtime reaches GA. Use it sparingly for high-value production credentials. Prefer 1Password service accounts or a locked local vault for production CI/CD until GA security review, recovery testing, and multi-device revocation testing are complete.\n\n## Configuration\n\n```ts\nimport { createSafePersistAdapter } from \"@cuitty/safe/server\";\n\nconst adapter = createSafePersistAdapter({\n  profile: \"local-first-laptop\",\n  account: \"acme\",\n  safe: \"dev\",\n  namespace: \"safe/acme/dev\",\n  storageClass: \"secret\",\n  syncMode: \"manual\",\n  alpha: true,\n  acknowledgeE2eeRisk: true,\n});\n```\n\n## Guardrails\n\n- `alpha: true` and `acknowledgeE2eeRisk: true` are required.\n- Manual sync is the default.\n- Remote writes are blocked unless encryption is `required`.\n- Remote Persist targets must show a visible warning in UI and CLI output.\n- Audit metadata includes device id, key fingerprint, profile id, provider, result, and timestamp.\n- Persist access controls are not the only boundary. Safe encryption remains mandatory.\n\n## Record shape\n\nPersist Safe records contain encrypted envelopes and metadata:\n\n```ts\ninterface PersistSafeSecretRecord {\n  id: string;\n  ref: string;\n  account: string;\n  safe: string;\n  secret: string;\n  envelope: SafeEncryptedEnvelope;\n  metadata: SafeSecretMetadata;\n  createdAt: string;\n  updatedAt: string;\n  deletedAt?: string;\n}\n```\n\nList operations return metadata only. Read operations require explicit resolution and must redact values from errors and logs.",
  "body_html": "<h1 id=\"persist-adapter\">Persist Adapter</h1>\n<p>The Persist adapter stores Safe records in Cuitty Persist’s <code>secret</code> storage class with end-to-end encryption.</p>\n<blockquote>\n<p>Alpha caveat: Cuitty Safe’s Persist adapter is alpha until Persist’s E2EE profile runtime reaches GA. Use it sparingly for high-value production credentials. Prefer 1Password service accounts or a locked local vault for production CI/CD until GA security review, recovery testing, and multi-device revocation testing are complete.</p>\n</blockquote>\n<h2 id=\"configuration\">Configuration</h2>\n<pre class=\"astro-code github-dark\" style=\"background-color:#24292e;color:#e1e4e8; overflow-x: auto;\" tabindex=\"0\" data-language=\"ts\"><code><span class=\"line\"><span style=\"color:#F97583\">import</span><span style=\"color:#E1E4E8\"> { createSafePersistAdapter } </span><span style=\"color:#F97583\">from</span><span style=\"color:#9ECBFF\"> \"@cuitty/safe/server\"</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"></span>\n<span class=\"line\"><span style=\"color:#F97583\">const</span><span style=\"color:#79B8FF\"> adapter</span><span style=\"color:#F97583\"> =</span><span style=\"color:#B392F0\"> createSafePersistAdapter</span><span style=\"color:#E1E4E8\">({</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  profile: </span><span style=\"color:#9ECBFF\">\"local-first-laptop\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  account: </span><span style=\"color:#9ECBFF\">\"acme\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  safe: </span><span style=\"color:#9ECBFF\">\"dev\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  namespace: </span><span style=\"color:#9ECBFF\">\"safe/acme/dev\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  storageClass: </span><span style=\"color:#9ECBFF\">\"secret\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  syncMode: </span><span style=\"color:#9ECBFF\">\"manual\"</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  alpha: </span><span style=\"color:#79B8FF\">true</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">  acknowledgeE2eeRisk: </span><span style=\"color:#79B8FF\">true</span><span style=\"color:#E1E4E8\">,</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">});</span></span></code></pre>\n<h2 id=\"guardrails\">Guardrails</h2>\n<ul>\n<li><code>alpha: true</code> and <code>acknowledgeE2eeRisk: true</code> are required.</li>\n<li>Manual sync is the default.</li>\n<li>Remote writes are blocked unless encryption is <code>required</code>.</li>\n<li>Remote Persist targets must show a visible warning in UI and CLI output.</li>\n<li>Audit metadata includes device id, key fingerprint, profile id, provider, result, and timestamp.</li>\n<li>Persist access controls are not the only boundary. Safe encryption remains mandatory.</li>\n</ul>\n<h2 id=\"record-shape\">Record shape</h2>\n<p>Persist Safe records contain encrypted envelopes and metadata:</p>\n<pre class=\"astro-code github-dark\" style=\"background-color:#24292e;color:#e1e4e8; overflow-x: auto;\" tabindex=\"0\" data-language=\"ts\"><code><span class=\"line\"><span style=\"color:#F97583\">interface</span><span style=\"color:#B392F0\"> PersistSafeSecretRecord</span><span style=\"color:#E1E4E8\"> {</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  id</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  ref</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  account</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  safe</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  secret</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  envelope</span><span style=\"color:#F97583\">:</span><span style=\"color:#B392F0\"> SafeEncryptedEnvelope</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  metadata</span><span style=\"color:#F97583\">:</span><span style=\"color:#B392F0\"> SafeSecretMetadata</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  createdAt</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  updatedAt</span><span style=\"color:#F97583\">:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#FFAB70\">  deletedAt</span><span style=\"color:#F97583\">?:</span><span style=\"color:#79B8FF\"> string</span><span style=\"color:#E1E4E8\">;</span></span>\n<span class=\"line\"><span style=\"color:#E1E4E8\">}</span></span></code></pre>\n<p>List operations return metadata only. Read operations require explicit resolution and must redact values from errors and logs.</p>",
  "links_out": []
}