| I built 1seed because I was tired of managing separate SSH keys, age keys, and signing keys across machines. Also something about brain wallets is romantic to me, admittedly. One seed derives everything deterministically: SSH keys, age encryption keys, Ed25519 signing keys, and site-specific passwords. Same seed + same realm = same keys, always. Storage is automatic: tries OS keychain (macOS Keychain, Linux Secret Service, Windows Credential Manager), falls back to ~/.1seed if unavailable. No config files. Written in Rust. MIT licensed. Use cases:
- Same SSH key across all your machines without copying files
- Deterministic age encryption keys for secrets management
- Password derivation with rotation (increment counter when compromised)
- BIP39 mnemonic generation (with appropriate warnings) Not a replacement for hardware keys on high-value targets, but solid for everyday dev work and personal infra. The fallback behavior means it works on headless servers without a keyring daemon, which was the main pain point that led me to write it. |