Documentation
ShrouDB docs
Security infrastructure that just works. Nine engines, one binary, unified.
ShrouDB is a Rust-built platform with nine engines, each focused on one security primitive. Engines can run independently, or bundled into a single Moat process with dual-protocol access (HTTP + TCP).
Start here
Install
Homebrew, Docker, binary, or source.
Quickstart
Running in under five minutes.
Architecture
Engines, storage, protocols, telemetry.
Moat
Single binary, all engines, dual protocol.
The nine engines
| Engine | Purpose | Docs |
|---|---|---|
| Sigil | Issue and rotate every kind of credential. | Read → |
| Cipher | Encrypt anything without touching the keys. | Read → |
| Stash | Encrypted object storage you can revoke instantly. | Read → |
| Veil | Search encrypted data without leaking it. | Read → |
| Forge | Run an internal CA without running a PKI team. | Read → |
| Sentry | Authorization decisions you can prove in court. | Read → |
| Courier | Send sensitive notifications without leaving a trail. | Read → |
| Keep | Get secrets out of env vars for good. | Read → |
| Chronicle | One audit trail across every engine. | Read → |
Deployment paths
ShrouDB Cloud
Managed platform · free tier
Zero infrastructure. Every engine, hosted. Start free in under a minute.
ShrouDB Moat
Self-hosted · single binary
All nine engines in one process with shared auth, storage, and telemetry. One config file.