Lockkey

Lockkey is a simple and secure secrets manager designed for storing passwords and text with ease.

About Lockkey

Lockkey is a lightweight secrets manager focused on security and portability. It securely stores passwords and plain text by deriving an encryption key from your master password using Argon2 and encrypting data with AES-GCM before saving it to disk.

  • Tech Stack: Rust, Svelte, TypeScript, SCSS, Tailwind, SQLite
  • Key Features:
    • Secure storage: Lockkey stores your passwords or text on disk encrypted with AES-GCM, using a key derived from your master password with Argon2.
    • Random password generator: Easily create strong, random passwords with the built-in generator.
    • Clipboard functionality: View your stored passwords or copy them to your clipboard at any time.
    • Offline access & portability: Simply copy your `.secrets` file and use it across devices.
    • Automatic logout: Lockkey automatically signs you out after a period of inactivity, ensuring your data remains secure.
  • Status: Pre-release

Development Process

Lockkey started as a project to learn Rust, but soon evolved into an opportunity to dive deeper into Svelte. Despite the simplicity of the backend, Rust’s ergonomics and easy unit testing sped up development. Here’s a breakdown of how I built it.

The Backend

Lockkey’s backend is a simple SQLite database. The primary challenge was choosing the encryption methods and deciding how to keep the master password secure. To address this, Lockkey derives an encryption key from the user’s master password with Argon2, encrypts data with AES-GCM, and clears the master password from memory after use.

The Frontend

Building the UI was a challenge. Initially, I considered gtk-rs, but after wrestling with its complexity, I pivoted to using Tauri and WebView to leverage web technologies. After exploring my options, I opted for Svelte, thanks to its excellent documentation and interactive learning experience.

What sold me on Svelte was how everything—scripts, HTML, and styles—was contained within a single `.svelte` file. It streamlined the development process, making Tailwind redundant, as local styling within each component was sufficient.

Challenges with WebView

While Tauri’s WebView simplified UI development, it introduced some limitations. Window resizing can be sluggish, and I encountered some difficulty managing memory securely with JavaScript’s garbage collection system, especially when trying to immediately clear sensitive data. Although I experimented with zeroing out arrays, this led to unexpected behavior, making it feel like a clumsy workaround.

Ultimately, I moved forward despite these issues, acknowledging that WebView’s trade-offs are manageable for the app’s security needs.
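The memory-clearing limitation described above, as an added example that is not Lockkey's code: sensitive bytes held in a `Uint8Array` can be overwritten in place, but copies and decoded strings stay in memory until the garbage collector reclaims them. The names `wipe`, `withSecret` and `demo` and the sample secret are hypothetical.

```javascript
// Added example; all names are hypothetical and not part of Lockkey.

// Overwrite a byte buffer in place. This works because typed arrays are
// mutable views over an ArrayBuffer. JavaScript strings are immutable and
// cannot be overwritten at all.
function wipe(bytes) {
  bytes.fill(0);
}

// Run fn with the secret bytes and wipe the buffer afterwards,
// including when fn throws.
function withSecret(bytes, fn) {
  try {
    return fn(bytes);
  } finally {
    wipe(bytes);
  }
}

// Shows which derived values are covered by the wipe and which are not.
function demo() {
  const original = 'constructed-sample-secret'; // constructed sample value
  const secret = new TextEncoder().encode(original);
  let view, copy, text;

  const length = withSecret(secret, (s) => {
    view = s.subarray(0, 4);            // shares the same ArrayBuffer
    copy = s.slice(0, 4);               // independent copy of the bytes
    text = new TextDecoder().decode(s); // immutable string copy
    return s.length;
  });

  const allZero = (b) => b.every((x) => x === 0);
  return {
    length,
    secretWiped: allZero(secret), // true: overwritten in place
    viewWiped: allZero(view),     // true: same memory as the secret
    copyWiped: allZero(copy),     // false: the copy was never touched
    stringSurvives: text === original, // true: the string cannot be wiped
  };
}

console.log(demo());
```

Wiping a buffer also zeroes every `subarray` view of it, so any code still reading such a view after the wipe sees zeros.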

Conclusion

Building Lockkey significantly improved my Rust skills and introduced me to Svelte. While I enjoyed using Tauri, for projects that require more control over memory, I’d likely choose a different approach. Still, I’d gladly use Tauri for future projects that prioritize ease of use and cross-platform support.