# Show HN: Clavitor – Password manager with two-tier encryption for humans with AI assistants

**TL;DR:** A password manager that knows your AI assistant needs your GitHub key, but doesn't need your CVV. Field-level encryption with WebAuthn PRF for L2 secrets. One Go binary, MIT licensed.

---

## The Problem

Your Claude/Codex/Cursor agent needs credentials to deploy code, rotate keys, complete 2FA. But every existing password manager is all-or-nothing:

- Give the AI your vault password → it sees everything (including your credit card)
- Don't give it access → it can't do its job

We needed per-field visibility. So we built it.

---

## Two-Tier Encryption

**L1 (Credential Encryption):** Server-side key. AI-readable. API keys, SSH keys, TOTP secrets.

**L2 (Identity Encryption):** WebAuthn PRF, client-side only. Card numbers, CVV, passport, private keys. The server literally cannot decrypt these — the key is derived in the browser from the PRF output of your authenticator (Touch ID / Face ID / YubiKey) and never leaves the client.

Same entry. Two encryption tiers. The AI sees the GitHub token. It sees that you *have* an Amex card. It cannot see the card number.

---

## Technical Details

- **One binary:** `clavitor` → SQLite file on port 1984. No Docker, no Postgres, no Redis.
- **MCP-native:** `/mcp` endpoint with `get_credential()`, `get_totp()`, `check_expiring()`. Works with Claude Code, Cursor, Codex.
- **LLM import:** Native parsers for Chrome/Firefox/Bitwarden/Proton (12k+ entries imported instantly). LLM fallback for any other format.
- **Collision resolution:** Import from multiple sources; the newest `timePasswordChanged` wins per entry.
- **FIPS 140-3:** Go crypto with CNG/OpenSSL backends where available.

---

## Why This Matters

LastPass lost encrypted vaults in 2022. Three years later, attackers are still cracking them — weak passwords first. FBI traced $150M+ in crypto theft to that single breach.

Clavitor's L2 fields use WebAuthn PRF. The server never has the key.
Even shell access to the box doesn't get your credit card numbers. Math, not policy.

---

## Quick Start

```bash
# Self-host in 30 seconds
curl -fsSL clavitor.ai/install.sh | sh
./clavitor
# Running on http://localhost:1984
```

Claude Code MCP config (`~/.claude/mcp.json`):

```json
{
  "mcpServers": {
    "clavitor": {
      "command": "clavitor",
      "args": ["mcp"]
    }
  }
}
```

---

## Code & License

- **GitHub:** https://github.com/johanj/clavitor
- **License:** MIT
- **Language:** Go 1.24
- **Platforms:** Linux/amd64, Linux/arm64, Darwin/arm64, Darwin/amd64

The port number is intentional.

---

## Questions?

AMA in comments. Happy to discuss the WebAuthn PRF implementation, the MCP protocol design, or why we chose SQLite over "web scale" alternatives.
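To make the two-tier model from the "Two-Tier Encryption" section concrete, here is an added example in Go. It is not Clavitor's code and the repository may do this differently: the entry/field schema, the HMAC-SHA256 step that turns the authenticator's 32-byte PRF output into an AES-256 key, the AES-GCM field encryption and the AAD layout are all assumptions made for this illustration. What it shows is the part the post describes: one entry, fields tagged L1 or L2, L1 sealed under a server-held key, L2 sealed under a key that only exists on the client, and a view function that, given only the server key, returns L1 values in clear and L2 fields by name only.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Tier says which key protects a field.
type Tier int

const (
	L1 Tier = 1 // server-side key: readable by the AI assistant over MCP
	L2 Tier = 2 // key derived client-side from the WebAuthn PRF output; the server never holds it
)

// Plain is a field before encryption; SealedField is what the server stores (AES-GCM ct||tag).
// Both are an assumed schema for this example, not the project's.
type Plain struct{ Name, Value string; Tier Tier }
type SealedField struct{ Name string; Tier Tier; Nonce, Ct []byte }
type Entry struct{ Title string; Fields []SealedField }

// DeriveL2Key turns the authenticator's 32-byte PRF output into an AES-256 key.
// Constructed KDF (HMAC-SHA256 under a fixed label); the project's real one is not on the page.
func DeriveL2Key(prfOutput []byte) []byte {
	mac := hmac.New(sha256.New, prfOutput)
	mac.Write([]byte("example-l2-field-key-v1"))
	return mac.Sum(nil)
}

// aad binds a ciphertext to its entry, field name and tier, so a stored field
// cannot be moved to another entry or relabelled L2 -> L1 and still authenticate.
func aad(title, name string, tier Tier) []byte {
	return []byte(fmt.Sprintf("%s\x00%s\x00%d", title, name, tier))
}

// mustGCM panics on a wrong key length: a programming error, not bad input.
func mustGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block) // only fails for a non-16-byte block size
	return g
}

// SealEntry encrypts each field with the key of its tier. With l2Key == nil (no fresh
// PRF assertion in the browser) an L2 field is refused, never downgraded to the server key.
func SealEntry(title string, fields []Plain, serverKey, l2Key []byte) (Entry, error) {
	e := Entry{Title: title}
	for _, p := range fields {
		key := serverKey
		if p.Tier == L2 {
			if l2Key == nil {
				return Entry{}, fmt.Errorf("field %q is L2 but no L2 key is present", p.Name)
			}
			key = l2Key
		}
		g := mustGCM(key)
		nonce := make([]byte, g.NonceSize())
		rand.Read(nonce) // fresh nonce per field
		ct := g.Seal(nil, nonce, []byte(p.Value), aad(title, p.Name, p.Tier))
		e.Fields = append(e.Fields, SealedField{Name: p.Name, Tier: p.Tier, Nonce: nonce, Ct: ct})
	}
	return e, nil
}

// View decrypts every field for which a key is available. With l2Key == nil it is the
// MCP-side view (L1 in clear, L2 by name only); with both keys it is the owner's view.
func View(e Entry, serverKey, l2Key []byte) (map[string]string, []string, error) {
	readable, hidden := map[string]string{}, []string{}
	for _, f := range e.Fields {
		key := serverKey
		if f.Tier == L2 {
			if l2Key == nil {
				hidden = append(hidden, f.Name)
				continue
			}
			key = l2Key
		}
		pt, err := mustGCM(key).Open(nil, f.Nonce, f.Ct, aad(e.Title, f.Name, f.Tier))
		if err != nil {
			return nil, nil, fmt.Errorf("field %q: %w", f.Name, err) // wrong key or tampering
		}
		readable[f.Name] = string(pt)
	}
	return readable, hidden, nil
}

func main() {
	serverKey, prf := make([]byte, 32), make([]byte, 32) // prf stands in for the authenticator's PRF output
	rand.Read(serverKey)
	rand.Read(prf)
	e, err := SealEntry("GitHub + Amex", []Plain{{"github_token", "ghp_CONSTRUCTED_SAMPLE", L1},
		{"card_number", "4111 1111 1111 1111", L2}, {"cvv", "123", L2}}, serverKey, DeriveL2Key(prf))
	if err != nil {
		panic(err)
	}
	readable, hidden, _ := View(e, serverKey, nil) // the AI assistant's view: no L2 key
	fmt.Println("readable:", readable, "present but opaque:", hidden)
}
```

Two design points worth noting. The AAD ties each ciphertext to its entry title, field name and tier, so an L2 blob that is copied into another record or whose tier tag is flipped to L1 in the database fails authentication instead of decrypting under the wrong key. And `SealEntry` refuses to write an L2 field when no PRF-derived key is present rather than quietly falling back to the server key, which is the failure mode that would turn "the server cannot read this" into a policy rather than a property. The flip side, which follows from the post's own description of L1, is that anyone holding the server-side key (including someone with shell access) can read L1 fields; the tiers encode exactly that trade-off.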