Skip to content

NGXSMK/ngxsmk-wallet

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

15 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

NGXSMK Wallet

Privacy-first, fully local Digital Identity, Secrets, Password & Secure Document Manager

License: MIT Tauri Rust React Platform Security

NGXSMK Wallet is an advanced, zero-knowledge, offline-first secure desktop vault designed to keep your digital identity, passwords, credentials, secrets, and private documents completely encrypted and under your exclusive control. Built using modern technologies like Tauri v2, Rust, and React 19, it ensures absolute privacy by storing all vault data locally on your device with no cloud dependencies, no telemetry, and no tracking.

Dashboard

Why Choose NGXSMK Wallet?

Many password managers today force your data into the cloud, while local alternatives often suffer from outdated, clunky interfaces. NGXSMK Wallet brings the best of both worlds:

  • 🚫 No Forced Cloud & Zero Telemetry: Unlike Bitwarden or 1Password, your vault is entirely offline. Your data stays on your machine, period.
  • ⚑ Blazing Fast & Lightweight: Written in Rust using Tauri, it uses a fraction of the memory that Electron-based apps consume, while delivering a modern, beautiful interface.
  • πŸ›‘οΈ More Than Just Passwords: We go beyond simple logins. Manage your FIDO2 Passkeys, Identity Documents, SSH Keys, and encrypted files all in one secure place.
  • πŸ” Built-in Local Secret Scanner: Proactively scan your system and directories to find accidentally exposed credentials or API keys before they become a problem.
  • πŸ’Έ No Subscriptions: Take back ownership of your digital identity without monthly fees.

Table of Contents


Features

NGXSMK Wallet provides all the standard capabilities of traditional local password managers (like KeePass) out-of-the-boxβ€”such as auto-typing, clipboard clearing, and database portabilityβ€”while adding next-generation features that modern users expect.

πŸ” Next-Gen Password & Secret Management

  • Military-Grade Security: AES-256-GCM encryption with Argon2id memory-hard key derivation.
  • Multiple Entry Types: Passwords, Secure Notes, API Keys, SSH Keys, Database Credentials, Software Licenses, and custom fields.
  • Advanced Password Generator: Cryptographically strong random password generator with customizable character sets and strength estimation.
  • Organized Vault: Nested folders, favorites, tagging, and lightning-fast global search (Ctrl+K).
  • Global Auto-Type & Drag-and-Drop: Seamlessly inject credentials into other applications without revealing them.

Add Password Modal Sticky Note Section

πŸ”‘ Passkeys & WebAuthn (FIDO2)

  • Native management of FIDO2/WebAuthn passkeys (no plugins required).
  • Store, view, and organize passkey metadata securely alongside traditional passwords.

⏱️ Built-in Authenticator (TOTP)

  • Integrated TOTP (Time-based One-Time Password) management.
  • Live code generation with a visual countdown timer.
  • Easy QR code scanning and setup.

πŸ“„ Secure Documents & Identity Records

  • Encrypted File Attachments: Attach files directly to entries with secure, versioned in-app storage.
  • Digital Identity Wallet: Store and categorize Passports, National IDs, Driver's Licenses, and Insurance records.

πŸ›‘οΈ Proactive Security & Dashboard

  • Breach Monitoring: Have I Been Pwned (HIBP) API integration to alert you of compromised accounts.
  • Vault Health Scoring: Automatic detection of weak, reused, or aging passwords.
  • Local Secret Scanner: Built-in scanner to detect accidentally exposed API keys or tokens in your local filesystem or environment variables.

πŸ”„ Backup, Sync & Recovery

  • No-Hassle Cloud Sync: Built-in support to securely sync encrypted vaults via Google Drive, Dropbox, or OneDrive (no third-party plugins needed).
  • Shamir's Secret Sharing: Split your master recovery key into multiple pieces for secure distributed backup.
  • Automated Backups: Scheduled encrypted backups using Zstd compression.

πŸ“₯ Seamless Import & Export

  • Import from Bitwarden, 1Password, KeePass (CSV/XML), Google Chrome, and Microsoft Edge.
  • Export your entire vault or specific folders to encrypted JSON or CSV formats.

πŸ’» Advanced Platform Security

  • Biometric Unlock: Windows Hello, Touch ID, and Linux biometric integration.
  • Secure Memory: Cryptographic material is zeroed out upon locking or exiting.
  • Clipboard Protection: Secure clipboard handling with auto-clearing after a timeout.
  • Anti-Tampering: Anti-devtools detection and Strict Content Security Policy.
  • Portable Mode: Run entirely from a USB stick without installation.

Master Password Login Locked Vault Blur Panel

User Experience

  • Dark, Light, and System themes
  • Accent color customization
  • Compact sidebar mode
  • Global command palette (Ctrl+K / Cmd+K)
  • Keyboard shortcuts

Architecture

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                    Desktop Shell                     β”‚
β”‚                    Tauri v2                          β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚    Frontend (React)  β”‚    Backend (Rust)             β”‚
β”‚                      β”‚                              β”‚
β”‚  Β· React 19          β”‚  Β· Tauri Commands            β”‚
β”‚  Β· TypeScript        β”‚  Β· Services Layer            β”‚
β”‚  Β· Tailwind CSS      β”‚  Β· Crypto Engine             β”‚
β”‚  Β· Radix UI          β”‚  Β· Vault Engine              β”‚
β”‚  Β· Zustand           β”‚  Β· SQLite (SQLx)             β”‚
β”‚  Β· TanStack Query    β”‚  Β· AES-256-GCM / Argon2      β”‚
β”‚  Β· Framer Motion     β”‚  Β· Shamir's Secret Sharing   β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
         β”‚                        β”‚
         └──────── IPC β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
              (Tauri Commands)

Tech Stack

Layer Technology
Desktop Framework Tauri v2
Frontend React 19, TypeScript, Tailwind CSS, Radix UI, Zustand
Backend Rust, Tokio, SQLx, Serde
Database SQLite (local, auto-created)
Cryptography AES-256-GCM, ChaCha20Poly1305, Argon2, HKDF, HMAC, SHA-2
Authentication Master password + Windows Hello biometrics
Secret Sharing Shamir's Secret Sharing
Backup Zstd compression, encrypted export, cloud sync (OAuth2)

System Requirements

Platform Minimum Recommended
Windows Windows 10 1803+ Windows 11
macOS macOS 10.15+ macOS 14+
Linux WebKit2GTK 4.1+ Ubuntu 22.04+ / Fedora 38+
RAM 512 MB 2 GB
Storage 200 MB 500 MB

Download

You can always find the latest stable version of NGXSMK Wallet for your operating system on our Releases page.

Download Latest Release

Platform Available Formats
Windows .msi, .exe
macOS .dmg, .app
Linux .AppImage, .deb

πŸ‘‰ View All Releases and Changelogs


Quick Start

  1. Download the installer for your platform from the links above
  2. Install and launch NGXSMK Wallet
  3. Create your master password on first run
  4. Save your recovery key in a safe place
  5. Start adding your passwords, identities, and documents

All data is stored locally in your platform's app data directory. Your master password is the only key.


Building from Source

Building from source requires the Rust backend which is proprietary. Pre-built binaries are the recommended way to use NGXSMK Wallet.

If you have a licensed backend, see BUILDING.md for instructions.


Security

NGXSMK Wallet is designed with security as the primary concern:

  • Zero-knowledge architecture β€” encryption keys are derived from your master password at runtime and never stored
  • AES-256-GCM β€” all vault data encrypted at rest
  • Argon2id β€” memory-hard key derivation resists GPU/ASIC attacks
  • Secure memory β€” cryptographic material zeroed on lock/exit
  • Constant-time operations β€” mitigates timing side-channel attacks
  • Offline-first β€” no network requests, no telemetry, no cloud dependence

Found a vulnerability? Contact ngxsmk@gmail.com


License

  • Frontend (React/TypeScript): MIT License
  • Backend (Rust): Proprietary β€” All Rights Reserved

See LICENSE for full terms.


About NGXSMK

NGXSMK builds privacy-first tools for individuals and organizations who value digital sovereignty. Learn more at ngxsmk.com.

About & Legal

About

Privacy-first, zero-knowledge, fully local Digital Identity, Secrets, Passkey, Password & Secure Document Manager built with Tauri, Rust, and React.

Topics

Resources

Code of conduct

Contributing

Security policy

Stars

5 stars

Watchers

0 watching

Forks

Contributors