clavitor/docs/KILLER-FEATURES.md
# Clavitor — Killer Features
## 🥇 Tier 1 — Nobody else has this
### 1. Field-level AI visibility
Not entry-level. Not vault-level. **Per field.**
Your AI sees your Amex card exists, knows it expires 09/28, but cannot read the number or CVV.
The `l2: true` flag is enforced by cryptography, not policy.
### 2. Two-tier encryption with WebAuthn PRF
L2 key derived client-side from Touch ID / Face ID / YubiKey / Titan Key.
Key never exists on server. Not in memory. Not in logs. Not in transit.
Even a fully compromised server cannot expose L2: the key it would need was never there.
This is mathematically different from "we encrypt it" — the decryption capability doesn't exist server-side.
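Features 1 and 2 in code, as an added Go example that is not Clavitor's own: each field of an entry carries the `l2` flag, only flagged fields are sealed with the client-side key, and a reader without that key (the server, or an agent over MCP) can see that the `number` field exists but cannot open it. AES-256-GCM with the field name as associated data is an assumption made here; the page does not name Clavitor's cipher, and the key is a constructed 32-byte stand-in for the PRF-derived key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// Field is one entry field; only l2:true fields get sealed with the client key.
type Field struct {
	Name  string
	L2    bool
	Value []byte // plaintext for L1; nonce||ciphertext once an L2 field is sealed
}

// L2AEAD builds AES-256-GCM from the PRF-derived key (assumed cipher); client-side only, the server never holds it.
func L2AEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts an l2:true field in place; L1 fields pass through untouched.
func Seal(l2 cipher.AEAD, f *Field) {
	if !f.L2 {
		return
	}
	nonce := make([]byte, l2.NonceSize())
	rand.Read(nonce) // crypto/rand.Read never returns an error (Go 1.24+)
	// Field name as associated data: a sealed CVV cannot be relabelled as a note.
	f.Value = l2.Seal(nonce, nonce, f.Value, []byte(f.Name))
}

// Read returns plaintext; with a nil l2 (server or AI view) an L2 field's name is visible, its value is not.
func Read(l2 cipher.AEAD, f Field) ([]byte, error) {
	if !f.L2 {
		return f.Value, nil
	}
	if l2 == nil {
		return nil, errors.New("L2 field: client key required")
	}
	n := l2.NonceSize()
	if len(f.Value) < n {
		return nil, errors.New("malformed L2 field")
	}
	return l2.Open(nil, f.Value[:n], f.Value[n:], []byte(f.Name))
}
```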
### 3. AI-powered 2FA (TOTP) completion
Mark your GitHub TOTP as L1 → your AI can complete 2FA flows autonomously.
`get_totp("GitHub")` → live 6-digit code → AI logs in without asking you.
No existing password manager exposes TOTP to AI agents intentionally.
### 4. LLM field mapping in browser extension
Doesn't rely on `input[type=password]` heuristics.
Serializes the form DOM → asks LLM → maps fields by intent, not name.
Works on SPAs, obfuscated field names, multi-step flows, custom components.
A bank with `field_a` and `field_b` as field names? Still fills correctly.
### 5. Collision resolution by source modification date
Import from Chrome + Firefox + Proton simultaneously.
For every duplicate: whichever has the newer `timePasswordChanged` / `modifyTime` / `revisionDate` wins.
Chrome has no timestamps → existing vault wins (safe default).
No other password manager import does date-aware merging.
---
## 🥈 Tier 2 — Better than existing solutions
### 6. One binary, one file, any platform
No Docker. No database server. No cloud account.
`./clavitor` and you're running.
The DB is a SQLite file — copy it to a USB drive, it works anywhere.
Compare: Bitwarden needs Docker + a database + an email server.
### 7. MCP-native from day one
Not a plugin. Not an afterthought.
`/mcp` endpoint with proper tool definitions.
Works with Claude Code, Cursor, Codex, any MCP-compatible client.
`~/.claude/mcp.json` → 5 lines → done.
### 8. Flexible entry model (no schema prison)
No separate tables for logins, cards, identities, notes, SSH keys, shoe sizes.
Everything is an entry with free-form fields.
A "custom API token" entry is valid. A "Grandma's WiFi password" note is valid.
Type is just a UI hint — never constrains the data.
### 9. LLM import from any format
Native parsers for Chrome, Firefox, Bitwarden, Proton (fast, free, handles 12k+ entries).
Fallback: LLM in parallel chunks handles any other format.
Drop a 10-year-old KeePass export → it works.
### 10. Port 1984
"My password manager runs on 1984."
Memorable. Thematic. Everyone gets it instantly.
Marketing you don't have to explain.
---
## 🥉 Tier 3 — Table stakes, done right
### 11. Audit log with actor tagging
Every read logged. AI access tagged as `actor: "mcp"`.
You can see exactly what your AI accessed and when.
Pull up the log: "James read GitHub credentials 3 times today."
### 12. Expiry alerts via MCP
`check_expiring(days=30)` → list of upcoming expirations.
Passport, credit cards, domain certs — anything with an `expires` date.
AI proactively flags these during its heartbeat, without being asked.
### 13. Password generator — crypto-correct
Not `Math.random()`. `crypto/rand` throughout.
Passphrase mode: correct-horse-battery-staple style.
Built into every field editor.
### 14. WebAuthn recovery via BIP39 mnemonic
12 words generated at setup. Stored physically.
Derives the L2 key as a last resort.
No email fallback (would break the security model).
No phone fallback (same reason).
The right tradeoff: slightly inconvenient, genuinely secure.
---
## 🎯 The one-liner
> "The only password manager that knows your AI assistant shouldn't know your CVV."