Full-Stack Developer (React + Supabase)

AuthKeeper is a zero-knowledge authentication vault designed to prioritize modern security and privacy. The encrypted storage provided includes TOTP secrets, passwords, secure notes, and credit card data, all powered by client-side encryption, real-time sync via Supabase, and robust row-level security. The company's mission is to create a product that ensures data sovereignty and usability coexist, offering military-grade protection with a zero-trust architecture to keep your data private. As a Full-Stack Developer at AuthKeeper, you will be responsible for maintaining and scaling the secure vault infrastructure, developing user-centric features, and enhancing client-side cryptography and secure storage workflows. This hands-on role gives you high-impact responsibilities and direct influence over a security-first product. **Responsibilities:** - Designing and developing secure features across the full stack, including vault UI, TOTP, secure notes, and password manager - Writing scalable, privacy-preserving code using React, TailwindCSS, Supabase, and Netlify Functions - Implementing cryptographic workflows using Web Crypto API and AES-256-GCM - Enforcing strict Row Level Security in Supabase - Integrating secure session handling and auto-lock mechanisms for sensitive vault data - Collaborating with security engineers to address threat models and implement mitigation strategies - Continuously auditing and improving encryption practices to maintain zero-knowledge guarantees - Contributing to a secure CI/CD pipeline with static analysis, secrets detection, and code linting **Required Skills:** - Strong hands-on experience with React, TypeScript/JavaScript, and Tailwind CSS - Deep understanding of Supabase, particularly authentication, RLS, and real-time sync - Familiarity with Netlify Functions or similar serverless environments - Experience with client-side encryption, browser-based crypto (Web Crypto API), and secure session design - Solid knowledge of zero-knowledge architecture, memory handling, and local key derivation (PBKDF2) - Understanding of web security principles like XSS, CSRF, CSP, HTTPS, HSTS - Proficiency in Git, CI/CD workflows, and clean modular architecture - Proactive mindset with attention to security implications in every layer **Nice to Have:** - Experience in building or contributing to password managers, encrypted storage apps, or MFA tools - Familiarity with OAuth2, TOTP generation, or browser extension security models - Experience implementing Progressive Web Apps (PWAs) or offline-first apps - Understanding of SSR (e.g., Next.js), advanced security headers, and anti-fingerprinting techniques Join AuthKeeper to be part of a team that prioritizes privacy, encryption, and user control. You will work independently with high ownership over core systems, collaborate with a mission-driven team on a modern stack, gain exposure to advanced cryptography, privacy tech, and real-world threat modeling, and make a significant impact in a space where security is foundational. To apply, send your GitHub, portfolio (or projects), and a short paragraph about why this mission excites you to developers@authkeeper.dev.,