ADR 0003 · Secret handling
What this ADR decides
That Craik stores and displays secret references, not secret values. Secrets are resolved at request time and injected into transport headers by a per-request header factory. Local persistence rejects unredacted secret-looking payloads.
Status: Accepted.
The product premise is durable, auditable agent work. That value breaks immediately if receipts, handoffs, or fixtures leak credentials.
Context
Craik writes receipts, handoffs, case files, provider configs, and local store records. Those artifacts must be useful for audit and replay without leaking API keys, tokens, local credentials, or copied secrets from adjacent tools.
Decision
References, not values
Runtime configs use env-var names or other non-secret references.
Request-time resolution
A resolver injects secrets into transport headers via a per-request header factory.
Persistence rejection
Local persistence rejects unredacted secret-looking payloads.
Receipt redaction
Receipts redact request metadata before storage.
Public surfaces
Errors and public docs must not include raw secret values. Missing-secret errors avoid disclosing unnecessary intent.
Debug logging
May name references only when explicitly scoped for local diagnosis.
Consequences
Operators can audit which credential reference was used without exposing the credential. Provider transports and migration tools need explicit tests to prove that authorization headers and copied secret values are not stored in exceptions, receipts, docs, or fixtures.
Alternatives considered
Retraction: none active.
Retract this ADR only if Craik formally adopts a secret-storage subsystem with rotation, encryption, access control, and audit semantics.