The latest articles on DEV Community by Firas Darwich (@mounir_darwich_1eba3688c1). https://dev.to/mounir_darwich_1eba3688c1 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3950614%2Fb1462094-829c-45a1-8476-0915659445f6.jpg https://dev.to/mounir_darwich_1eba3688c1 en Firas Darwich Mon, 25 May 2026 11:59:11 +0000 https://dev.to/mounir_darwich_1eba3688c1/stop-leaking-api-keys-why-i-built-a-local-first-vault-for-developers-4lg7 https://dev.to/mounir_darwich_1eba3688c1/stop-leaking-api-keys-why-i-built-a-local-first-vault-for-developers-4lg7 <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbd2v5lyo8uu45ggf1ayd.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbd2v5lyo8uu45ggf1ayd.png" alt=" " width="450" height="450"></a>We’ve all been there. You have a dozen side projects, and your API keys, database connection strings, and tokens are scattered across random <code>.env</code> files, sticky notes, or hidden in random folders. </p> <p>Worse? The constant anxiety of accidentally pushing a <code>.env</code> file with your OpenAI or AWS keys to a public GitHub repo.</p> <p>I looked around for a solution. While there are great password managers out there, they felt like overkill for my daily dev workflow, or they forced me to store my sensitive developer secrets on someone else's cloud server. I wanted something <strong>local, fast, and built specifically for developers.</strong></p> <p>So, I built <strong>DevNote</strong> 🛠️.</p> <h3> What is DevNote? </h3> <p>DevNote is a radically secure, local-first digital vault designed to help developers manage their API keys, tokens, and secrets safely right on their Windows machines.</p> <p>As a .NET developer, I decided to build this using <strong>C# and Avalonia UI</strong>, applying <strong>Clean Architecture</strong> principles. For storage, I went entirely local with SQLite.</p> <h3> 🚀 Key Features: </h3> <ul> <li> <strong>Local-First &amp; Offline:</strong> Your secrets never leave your machine unless you explicitly want them to.</li> <li> <strong>Military-Grade Encryption:</strong> Everything is secured with AES-256 encryption.</li> <li> <strong>Anti-Screenshot Protection:</strong> Built-in protection to prevent accidental screen recordings or screenshots of your keys.</li> <li> <strong>BYOK (Bring Your Own Key) for AI:</strong> Full control over your AI integrations.</li> </ul> <h3> I need your feedback! 🙏 </h3> <p>I just launched the very first version of DevNote on the Microsoft Store. As a solo developer, getting feedback from this community would mean the world to me. </p> <p>Whether it's a feature request, a bug report, or just telling me what you think of the UI—I'm here for it!</p> <p>👉 <strong><a href="https://apps.microsoft.com/detail/9PDJJNJC5Z1M" rel="noopener noreferrer">Check out DevNote on the Microsoft Store</a></strong></p> <p>Let me know in the comments how you currently manage your local secrets and API keys!</p> showdev dotnet security productivity