Open Source
GitHub transparency
Nest is fully open source. Security and behavior are based on verifiable code, not hidden logic.
Why this matters
Users can inspect truth directly instead of trusting marketing claims.
All core logic is inspectable in source code.
Security claims can be verified against implementation details.
Any user can audit, fork, and self-host based on their own trust model.
Open issue and PR history creates a public record of changes over time.
What to inspect first
Start here to validate encryption, identity, and server constraints.
Client-side encryption flow in `src/lib/vault/client.ts`.
Server verification and nonce/replay protections in `src/lib/vault/server.ts`.
Vault API routes under `src/app/api/vault/**`.
CLI policy checks in `src/lib/cli/policy.js`.
Route-level UX behavior in `src/components/keys/symmetric-key-generator.tsx`.