Platanist Nest

Ciphertext Vault

Documentation

How to use Platanist Nest
This guide covers first-time setup, returning access, route intent, and failure recovery.
First-time setup
Create and back up a new key before storing secrets.

Step 1: Go to Onboarding and choose Create New Vault.

Step 2: Generate your key bundle in-browser.

Step 3: Set a backup passphrase and download your encrypted bundle file.

Step 4: Activate your key once.

Step 5: Save your first secret using Save and Encrypt.

Returning access
Import your existing key and load encrypted records.

Step 1: Go to Vault and choose Return to Vault.

Step 2: Enter your unlock passphrase.

Step 3: Import your encrypted bundle file.

Step 4: Activate key (if not already active).

Step 5: Load Secrets and click Read on any entry.

Route map
Each route has one purpose so workflows stay clear.

Onboarding (`/`)

Guided setup and workflow selection.

Vault (`/vault`)

Operational path for return/import/load/read/delete.

Keys (`/key-generation`)

Focused key generation and backup lifecycle.

Troubleshooting
Common errors and what they usually mean.

Incorrect passphrase or corrupted bundle

Confirm you are using the same passphrase used at download time and the correct JSON bundle file.

Unable to decrypt with this key

You likely imported a different key bundle than the one used to create that secret.

Replay or stale request

Retry the action. This protection blocks duplicate or stale signed requests.

Security summary
Nest uses key-based encryption without login accounts. Server stores ciphertext and metadata only.
GitHub transparency
The project is fully open source. You can inspect source code and verify implementation details anytime.
CLI downloads and usage
Install `nest-cli` from release assets and follow command-line workflows for push/pull.