Skip to main content

MiniVault — Example DRS Suite

examples/MiniVault/ in the source repository shows what a completed, filled-in DRS document suite looks like for a realistic local-first desktop application. MiniVault is a simple local-first secret vault for Windows desktop: it stores named secrets encrypted with AES-256-GCM, unlocked with a passphrase-derived key, and makes no network connections.

All four documents that a Minimal/Standard-tier DRS project needs are present and cross-consistent with each other and with the manifest:

  • ManifestMiniVault.manifest.toml, a complete manifest with all required fields, released status, and a real SHA-256.
  • Release Note v0.1.0docs/MiniVault v0.1.0.md, the finished release note with hash, theme, and design boundaries.
  • Release Checklistdocs/MiniVault - Release Checklist.md, with a completed per-version verification block.
  • Trust and Security Modeldocs/MiniVault - Trust and Security Model.md, the full trust model including crypto primitives, trust boundaries, and known limitations.

The example demonstrates the "Security-sensitive" document tier from the Overview page: because MiniVault handles encrypted secrets, it ships a Trust and Security Model in addition to the Minimal-tier manifest, release note, and checklist.

Read these four documents together — the SHA-256 hash A3F7C9E1B2D4F68A0C3E5B7D9F1A3C5E7B9D1F3A5C7E9B1D3F5A7C9E1B2D4F6 appears identically in the manifest, the release note, and the checklist's per-version block, which is exactly the cross-consistency DRS Section 5 requires.