@p47h/vault-react
Encrypted local state for React applications.
Zero-config hooks backed by a Rust/WASM cryptographic core.
The problem
In React apps, secrets usually end up in memory, localStorage, or environment variables exposed at build time. None of these are encrypted at rest. None of them lock when the user leaves.
@p47h/vault-react lets you treat secrets as encrypted state: stored locally, decrypted only when needed, and never exposed as plain text at rest.
What this package does
Provides React hooks for encrypted local storage
Manages Vault lifecycle and WASM loading automatically
Reacts automatically to authentication state changes
Exposes loading and error states for predictable UI
What this package does NOT
Sync data between devices
Replace a backend
Manage passwords for users
Expose raw cryptographic keys to JavaScript
This is what encrypted state looks like
const [apiKey, setApiKey] = useSecret("stripe_key");Secrets behave like local state, but are encrypted at rest and unavailable when the vault is locked.
Install
npm install @p47h/vault-reactRelationship with Core SDK
This package is a thin React binding over @p47h/vault-js. All cryptographic guarantees live in the core. The React layer handles lifecycle, context, and reactivity.