This is a description of an open-source, end-to-end encrypted key management platform called Phase Console. It allows developers to encrypt data in their apps without compromising the private key's single point of failure via secret splitting schemes and maintains self-custody of root keys using a 24-word mnemonic phrase. Phase Console provides features such as a dashboard for creating, managing, rotating, and monitoring keys, a zero-knowledge key management service, client and server SDKs, and self-hosting capabilities. Additionally, they provide an open-core model that includes premium Pro or Enterprise features requiring a Phase license in the future.
The website also addresses the limitations of relying on automatic database, disk, or bucket-level encryption and the risk of a single SQL or IAM misconfiguration leading to a breach. Users can deploy Phase Console on their infrastructure using Docker-compose, AWS, DigitalOcean, or check out the Quickstart Guides for Phase Cloud.
The repo is available under the MIT expat license except for the ee directory containing premium features requiring a Phase license. The Security Docs provide more information on how Phase encryption works, and contributors are welcome to join the Slack channel and follow the CONTRIBUTING.md guidelines.