diff --git a/README.md b/README.md
index 47e0c514e..9056da397 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
-Open Source, end-to-end encrypted key management platform for developers to encrypt data in their apps.
+Open Source, end-to-end encrypted, self-hostable all in one platform for developers to manage secrets and environment variables. From their laptop 💻 to the cloud ☁️.
+
+
+
-
+## Console
+
+
-
-
-[Phase Console](https://phase.dev) is an open source, end-to-end encrypted key management solution for developers to seamlessly encrypt production data in their apps.
+- **[Phase Console](https://console.phase.dev)**: Dashboard for seamlessly creating, managing, rotating secrets and environment variables
-We're on a mission to make strong encryption accessible to all developers, not just security teams. That means redesigning the entire developer experience from the ground up.
-
-## Features
-
-- **[Phase Console](https://console.phase.dev)**: Dashboard for seamlessly creating, managing, rotating and monitoring keys
-- **[Phase KMS](https://phase.dev)**: A zero knowledge key management service
-- **[Dual-Key Model](https://docs.phase.dev/security#dual-key-model)**: Avoid single point of compromise of the private key via [secret splitting schemes](https://en.wikipedia.org/wiki/Secret_sharing)
- **[Hold your keys](https://docs.phase.dev/security/phase-encryption#account-keyring)**: Maintain self-custody of your root keys via 24 word mnemonic phrase
+- **Secret management**: Diffs, version control and Point-in-time Recovery
+- **RBAC**: Fine-grained, role-based and cryptographic access control, per application, per environment.
+- **Service Tokens**: Authenticate CI runners, build tools and production environment with granualar-scope
+- **Secret referencing**: Inherit secrets to create sophisticated configurations
+- **[Audit Logs]()**: Compelte visibility into every change and access event
- **[Self Hosting](https://docs.phase.dev)**: Run Phase on your own infrastructure
-- **[Client SDKs](https://docs.phase.dev/sdks)**: Asynchronously encrypt data in the browsers of your users without any external API or sensitive keys [Live Demo](https://phase.dev/#use-cases)
-- **[Server SDKs](https://docs.phase.dev/sdks)**: Securely decrypt and process data in memory only when you need to with 3 lines of code
-- **[Phase I/O]()**: Self-hosted EaaS (Encryption as a Service) and a transparent proxy encryption (Coming Soon)
+- **[Phase KMS](https://phase.dev)**: A zero knowledge key management service
+- **[SDKs](https://docs.phase.dev/sdks)**: Encrypt / decrypt data with a few lines of code.
And much more.
---
-## What about SSE?
+## CLI
+
+```bash
+# Your existing secrets
+> cat .env
+AWS_ACCESS_KEY_ID="AKIA2OGYBAH63UA3VNFG"
+AWS_SECRET_ACCESS_KEY="V5yWXDe82Gohf9DYBhpatYZ74a5fiKfJVx8rx6W1"
-Relying on automatic database, disk or bucket level encryption has its limitations, since the data is automatically decrypted when retrieved and the keys typically belong to the hosting provider. A breach is a single SQL or a IAM misconfiguration away.
+# Import your existing secrets
+> phase secrets import .env
+Successfully imported and encrypted 2 secrets.
+To view them please run: phase secrets list
-See:
+# View your secrets in Phase
+> phase secrets list
+KEY 🗝️ | VALUE ✨
+----------------------------------------------------------------------------------------------------
+AWS_ACCESS_KEY_ID | AKI**************NFG
+AWS_SECRET_ACCESS_KEY | V5y**********************************6W1
+
+🥽 To uncover the secrets, use: phase secrets list --show
+
+# Get rid of your .env
+> rm .env
+
+# Seamlessly inject secrets during runtime
+> phase run yarn dev
+$ next dev
+ready - started server on 0.0.0.0:3000, url: http://localhost:3000
+```
+
+
+- **CLI**: Fetch, decrypt and inject secrets and environment variables to your application. Zero code changes required.
+- Inject
+- Export secrets in a dotenv format
+- **Cross platform**: Easily install the Phase CLI on macOS, Ubuntu/Arch/Redhat/Alpine Linux, Windows, Docker.
+- **Keyring Integration** - Store keys and credentials securely in [macOS Keychain](https://en.wikipedia.org/wiki/Keychain_%28software%29), [Windows Credential Locker](https://learn.microsoft.com/en-us/windows/uwp/security/credential-locker), [KDE Wallet](https://en.wikipedia.org/wiki/KWallet), [GNOME Keyring](https://en.wikipedia.org/wiki/GNOME_Keyring) etc.
+- **[Private Key Sharding](https://docs.phase.dev/security#dual-key-model)**: Avoid single point of compromise of the private key via [secret splitting schemes](https://en.wikipedia.org/wiki/Secret_sharing)
-- [OWASP - Cryptographic Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures/#example-attack-scenarios)
-- [IAM misconfiguration](https://github.com/nagwww/s3-leaks)
-- [Problems with S3 encryption](https://www.secwale.com/p/encryption)
---
@@ -65,11 +95,12 @@ The quickest and most reliable way to get started is making a new free account o
### Deploy Phase Console on your infrastructure
-Deployment options:
+- [Docker Compose](https://docs.phase.dev/self-hosting/docker-compose)
+- [AWS](https://docs.phase.dev/self-hosting/aws)
+- [Azure](https://docs.phase.dev/self-hosting/azure)
+- [Google Cloud Platform](https://docs.phase.dev/self-hosting/gcp)
+- [DigitalOcean](https://docs.phase.dev/self-hosting/digitalocean)
-- Docker-compose
-- AWS
-- DigitalOcean
See: [Self-hosting Phase](https://docs.phase.dev/self-hosting)
@@ -83,29 +114,13 @@ See: [Self-hosting Phase](https://docs.phase.dev/self-hosting)
More coming soon!
-Example:
-
-```js
-// Import & initialize
-const Phase = require('@phase.dev/phase-node')
-const phase = new Phase(APP_ID, APP_SECRET)
-
-// Encrypt
-const ciphertext = await phase.encrypt('hello world')
-
-// Decrypt
-const plaintext = await phase.decrypt(ciphertext)
-console.log(plaintext)
-$ hello world
-```
-
---
## Community vs Enterprise edition
-Phase operates on an [open-core](https://en.wikipedia.org/wiki/Open-core_model) model, similar to that of [GitLab](https://gitlab.com), [Infisical](https://infisical.com), [PostHog](https://posthog.com) etc.
+Phase operates on an [open-core](https://en.wikipedia.org/wiki/Open-core_model) model, similar to that of [GitLab](https://gitlab.com).
-This repo available under the [MIT expat license](/LICENSE), with the exception of the `ee` directory which will contain premium Pro or Enterprise features requiring a Phase license in the future.
+This repo available under the [MIT expat license](/LICENSE), with the exception of the `ee` directory which will contain Pro or Enterprise features requiring a Phase license.
---
@@ -121,7 +136,7 @@ For more information see: [SECURITY.md](/SECURITY.md)
## Contributing
-Whether it's big or small, we love contributions. See [CONTRIBUTING.md](/CONTRIBUTING.md)
+We love contributions. See [CONTRIBUTING.md](/CONTRIBUTING.md)
You can join our [Slack](https://join.slack.com/t/phase-community/shared_invite/zt-1tkwzl31z-a6yCB5Uqlj~V2x43ep2Evg) if you have any questions!
diff --git a/img/console-home.png b/img/console-home.png
deleted file mode 100644
index 70b186a23..000000000
Binary files a/img/console-home.png and /dev/null differ
diff --git a/img/console-logs.png b/img/console-logs.png
deleted file mode 100644
index 6e1dd087d..000000000
Binary files a/img/console-logs.png and /dev/null differ
diff --git a/img/environment-secrets.png b/img/environment-secrets.png
new file mode 100644
index 000000000..5ee1dbd10
Binary files /dev/null and b/img/environment-secrets.png differ
diff --git a/img/members.png b/img/members.png
new file mode 100644
index 000000000..aac4e1734
Binary files /dev/null and b/img/members.png differ
diff --git a/img/secrets-overview.png b/img/secrets-overview.png
new file mode 100644
index 000000000..495f55f33
Binary files /dev/null and b/img/secrets-overview.png differ
diff --git a/img/vscode-demo.png b/img/vscode-demo.png
deleted file mode 100644
index d4d77c44d..000000000
Binary files a/img/vscode-demo.png and /dev/null differ
+ 
- 
+ 