Why Redshift?
How Redshift compares to Doppler, Vault, and other secret management solutions.
The Problem with Traditional Secret Managers
Most secret management tools share a common architecture: your secrets are stored on someone else's servers, encrypted with keys they control. This creates several issues:
- Vendor lock-in - Your data is trapped in a proprietary format
- Single point of failure - If the service goes down, so does your deployment
- Trust requirement - You must trust the company won't be compromised, subpoenaed, or shut down
- Censorship risk - Your account can be terminated at any time
- Cost scaling - Pricing often scales with usage, team size, or secrets count
The Redshift Difference
Redshift takes a fundamentally different approach:
Client-Side Encryption
Secrets are encrypted on your device before being sent anywhere. Even relay operators cannot read your data.
Your Keys, Your Data
Your Nostr identity controls access. No company can lock you out of your own secrets.
Decentralized Storage
Data is replicated across multiple independent relays. No single point of failure.
Open Protocol
Built on Nostr, an open standard. Export your data anytime, use any compatible client.
Feature Comparison
| Feature | Redshift | Doppler | Vault | AWS SM |
|---|---|---|---|---|
| Client-side encryption | ||||
| No vendor lock-in | ||||
| Self-hostable | ||||
| Free for individuals | ||||
| No infra to manage | ||||
| Censorship resistant | ||||
| Doppler-compatible CLI | ||||
| Team sharing | ||||
| Audit logs |
= Full support, = Partial/Coming soon, = Not available
When to Use Redshift
Redshift is ideal for:
- Solo developers and small teams
- Privacy-conscious developers
- Open source projects
- Side projects and indie hackers
- Anyone who values sovereignty over their data
- Developers already using Nostr
Consider alternatives if you need:
- Enterprise compliance features (SOC2, HIPAA)
- Complex role-based access control
- Detailed audit logging
- Professional support SLAs
Migrating from Doppler
Redshift's CLI is designed to be Doppler-compatible, making migration straightforward:
| Doppler Command | Redshift Equivalent |
|---|---|
| doppler login | redshift login |
| doppler setup | redshift setup |
| doppler run -- npm start | redshift run -- npm start |
| doppler secrets set KEY value | redshift secrets set KEY value |
| doppler secrets | redshift secrets list |
The Bottom Line
Redshift offers a fundamentally different trust model. Instead of trusting a company with your secrets, you trust cryptography. Your secrets are encrypted with keys only you control, and stored on a decentralized network with no single point of failure.
This comes with trade-offs - you're responsible for backing up your Nostr keys, and some enterprise features aren't available yet. But for developers who value sovereignty and simplicity, Redshift offers a compelling alternative to the status quo.
Get Started
Ready to try Redshift? Install the CLI and follow the Quick Start guide.