Inspiration

When collaborating on code, we always sent out API keys in plaintext over Discord, WhatsApp, etc. (very insecure!). We built ripenv as a solution to this fundamental problem every software developer faces in their life.

There is a growing crisis of secret management in the software industry. With millions of API keys, tokens, and credentials being accidentally leaked on public repositories or compromised in supply chain attacks, we wanted to build a solution that could protect developers and organisations from catastrophic breaches. The idea was to create a tool that doesn’t just secure secrets but does so with a zero-trust, security-first philosophy without sacrificing developer experience.

What it does

ripenv is a comprehensive platform for managing encrypted environment files and API secrets across development teams. It provides:

  • Zero-trust cryptography with client-side encryption and per-file key rotation.
  • Granular team management with a web dashboard, project-based permissions, and Supabase integration.
  • Developer-friendly CLI with natural language support powered by Google Gemini.
  • CI/CD integration for automated secret rotation and secure deployment pipelines.
  • Lifecycle management including generation, distribution, rotation, and revocation of secrets.

In short: Git maintains your code. ripenv protects your secrets.

How we built it

  • Frontend: Next.js 14 with Tailwind CSS for a sleek, cyberpunk-inspired dashboard. Authentication and team management are handled through Supabase. Cryptography in the browser is powered by WebCrypto API and TweetNaCl.
  • Backend: Python 3.10+ powers the CLI and API, with PyNaCl for crypto operations and Argon2id for password hashing. The CLI is built using Click and Rich for a polished terminal experience.
  • AI Integration: Google Gemini was integrated into the CLI to allow natural language input for command parsing, making secret management intuitive for developers.
  • Security Model: We designed ripenv with zero-knowledge architecture, ensuring secrets never leave a user’s machine.

Challenges we ran into

  • Designing cryptographic workflows that provided both maximum security and usability was a balancing act.
  • Integrating Supabase for real-time team synchronization while maintaining strict access boundaries.
  • Making the CLI intuitive while handling highly technical cryptographic operations under the hood.

Accomplishments that we're proud of

  • Achieving a zero-knowledge architecture where private keys never leave the client.
  • Building seamless team management features that integrate naturally with development workflows.
  • Delivering a cross-platform CLI that feels modern and approachable while handling serious cryptography.
  • Integrating AI-driven natural language parsing, which makes secret management far more accessible.

What we learned

  • Security tools must prioritize user experience: developers won’t adopt solutions that are too complex, even if they’re more secure.
  • Zero-trust cryptography is achievable without slowing teams down, if designed thoughtfully.
  • Building developer trust requires both technical rigor (cryptographic guarantees) and usability (dashboards, automation, and good DX).
  • The importance of secret lifecycle management: rotation and revocation are just as critical as encryption.

What's next for ripenv

  • Expanding integrations with popular platforms like GitHub Actions, GitLab CI, and Kubernetes.
  • Adding mobile support for secret approval and team management on the go.
  • Implementing policy enforcement tools for enterprises to define and monitor rotation schedules.
  • Exploring post-quantum cryptography to future-proof against emerging threats.
  • Growing the community by encouraging open-source contributions and real-world adoption in dev teams.
