Auth Box is an open-source, zero-knowledge password manager with seed phrase sovereignty. We welcome contributions.
- Node.js 22+
- pnpm 10+
- Go 1.22+
- Docker (for PostgreSQL + Redis)
git clone https://github.com/MARUCIE/10-auth-box.git
cd 10-auth-box
pnpm install
make dev-fullpackages/crypto/-- Core cryptography (BIP-39, HD keys, AES-256-GCM, SRP-6a)packages/shared/-- Shared types and validationpackages/mcp-protocol/-- MCP WebSocket server + policy engineapps/web/-- Next.js 15 web applicationapps/console/-- Public portal + admin dashboardapps/extension/-- Chrome MV3 extensionservices/api/-- Go API server
make test-crypto # 21 seed phrase + HD key tests
make test-api # 6 SRP-6a protocol tests
make build # Build all packages- Security first: All crypto changes require test coverage. No exceptions.
- No server dependency for core: Vault must work offline. Server is optional sync.
- Seed phrase is sacred: Never log, transmit, or store the seed phrase on any server.
- Vault Onyx design: Follow the design system in
design/VAULT_ONYX_DESIGN_SYSTEM.md.
MIT -- see LICENSE.