7 releases (breaking)
| new 0.14.0 | May 15, 2026 |
|---|---|
| 0.13.0 | May 15, 2026 |
| 0.12.0 | May 14, 2026 |
| 0.9.0 | May 12, 2026 |
| 0.6.0 | May 8, 2026 |
#1589 in Database interfaces
230 downloads per month
Used in 25 crates
(7 directly)
36KB
548 lines
car-secrets
Cross-platform secret store for Common Agent Runtime.
What it does
Unifies OS-native secure storage across the three platforms CAR targets:
| Platform | Backend |
|---|---|
| macOS | Security.framework / Keychain Services |
| Windows | Credential Manager (DPAPI) |
| Linux | Secret Service — GNOME Keyring / KWallet / KeePassXC / anything speaking org.freedesktop.secrets |
The API is intentionally small: put, get, delete, status, list. Callers choose a service (namespace) and account (key); values are UTF-8 strings. JSON helpers are provided for structured values.
Availability
On headless Linux without a Secret Service daemon, put / get / delete return SecretError::Unavailable. There is no silent plaintext fallback. Callers should probe is_available() before relying on the store, or handle Unavailable with their own fallback.
Security boundary
Secrets never enter CAR memory, state, or prompt context unless a caller explicitly reads them and passes them into one of those systems. The store treats a missing backend as a hard error so misconfigured environments are loud, not silently insecure.
Where it fits
Surfaced via the WebSocket secret.* methods. Used by car-integrations for OAuth token storage and by any user app that needs to persist credentials gathered through its own auth flow.
Dependencies
~5–25MB
~251K SLoC