diff --git a/dagger/keychain/encrypt.go b/dagger/keychain/encrypt.go
new file mode 100644
index 00000000..bd78ea01
--- /dev/null
+++ b/dagger/keychain/encrypt.go
@@ -0,0 +1,123 @@
+package keychain
+
+import (
+	"context"
+	"fmt"
+	"os"
+
+	"go.mozilla.org/sops/v3"
+	"go.mozilla.org/sops/v3/aes"
+	sopsage "go.mozilla.org/sops/v3/age"
+	"go.mozilla.org/sops/v3/cmd/sops/common"
+	"go.mozilla.org/sops/v3/cmd/sops/formats"
+	sopsdecrypt "go.mozilla.org/sops/v3/decrypt"
+	sopskeys "go.mozilla.org/sops/v3/keys"
+	sopsyaml "go.mozilla.org/sops/v3/stores/yaml"
+	"go.mozilla.org/sops/v3/version"
+)
+
+// setupEnv: hack to inject a SOPS env var for age
+func setupEnv() error {
+	p, err := Path()
+	if err != nil {
+		return err
+	}
+	return os.Setenv("SOPS_AGE_KEY_FILE", p)
+}
+
+// Encrypt data using SOPS with the AGE backend, using the provided public key
+func Encrypt(ctx context.Context, path string, plaintext []byte, key string) ([]byte, error) {
+	if err := setupEnv(); err != nil {
+		return nil, err
+	}
+
+	store := &sopsyaml.Store{}
+	branches, err := store.LoadPlainFile(plaintext)
+	if err != nil {
+		return nil, err
+	}
+
+	ageKeys, err := sopsage.MasterKeysFromRecipients(key)
+	if err != nil {
+		return nil, err
+	}
+	ageMasterKeys := make([]sopskeys.MasterKey, 0, len(ageKeys))
+	for _, k := range ageKeys {
+		ageMasterKeys = append(ageMasterKeys, k)
+	}
+	var group sops.KeyGroup
+	group = append(group, ageMasterKeys...)
+
+	tree := sops.Tree{
+		Branches: branches,
+		Metadata: sops.Metadata{
+			KeyGroups:       []sops.KeyGroup{group},
+			EncryptedSuffix: "secret",
+			Version:         version.Version,
+		},
+		FilePath: path,
+	}
+
+	// Generate a data key
+	dataKey, errs := tree.GenerateDataKey()
+	if len(errs) > 0 {
+		return nil, fmt.Errorf("error encrypting the data key with one or more master keys: %v", errs)
+	}
+
+	err = common.EncryptTree(common.EncryptTreeOpts{
+		DataKey: dataKey, Tree: &tree, Cipher: aes.NewCipher(),
+	})
+	if err != nil {
+		return nil, err
+	}
+	return store.EmitEncryptedFile(tree)
+}
+
+// Reencrypt a file with new content using the same keys
+func Reencrypt(_ context.Context, path string, plaintext []byte) ([]byte, error) {
+	if err := setupEnv(); err != nil {
+		return nil, err
+	}
+
+	current, err := os.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+
+	// Load the encrypted file
+	store := &sopsyaml.Store{}
+	tree, err := store.LoadEncryptedFile(current)
+	if err != nil {
+		return nil, err
+	}
+
+	// Update the file with the new data
+	newBranches, err := store.LoadPlainFile(plaintext)
+	if err != nil {
+		return nil, err
+	}
+	tree.Branches = newBranches
+
+	// Re-encrypt the file
+	key, err := tree.Metadata.GetDataKey()
+	if err != nil {
+		return nil, err
+	}
+	err = common.EncryptTree(common.EncryptTreeOpts{
+		DataKey: key, Tree: &tree, Cipher: aes.NewCipher(),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return store.EmitEncryptedFile(tree)
+}
+
+// Decrypt data using sops
+func Decrypt(_ context.Context, encrypted []byte) ([]byte, error) {
+	if err := setupEnv(); err != nil {
+		return nil, err
+	}
+
+	return sopsdecrypt.DataWithFormat(encrypted, formats.Yaml)
+}
diff --git a/dagger/keychain/keys.go b/dagger/keychain/keys.go
new file mode 100644
index 00000000..06ab78b3
--- /dev/null
+++ b/dagger/keychain/keys.go
@@ -0,0 +1,96 @@
+package keychain
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"os"
+	"os/user"
+	"path"
+	"path/filepath"
+	"time"
+
+	"filippo.io/age"
+	"github.com/rs/zerolog/log"
+)
+
+func Path() (string, error) {
+	usr, err := user.Current()
+	if err != nil {
+		return "", err
+	}
+
+	return path.Join(usr.HomeDir, ".dagger", "keys.txt"), nil
+}
+
+func Default(ctx context.Context) (string, error) {
+	keys, err := List(ctx)
+	if err != nil {
+		if errors.Is(err, os.ErrNotExist) {
+			return Generate(ctx)
+		}
+		return "", err
+	}
+	if len(keys) == 0 {
+		return "", errors.New("no identities found in the keys file")
+	}
+
+	return keys[0].Recipient().String(), nil
+}
+
+func Generate(ctx context.Context) (string, error) {
+	keysFile, err := Path()
+	if err != nil {
+		return "", err
+	}
+
+	k, err := age.GenerateX25519Identity()
+	if err != nil {
+		return "", fmt.Errorf("internal error: %v", err)
+	}
+
+	if err := os.MkdirAll(filepath.Dir(keysFile), 0755); err != nil {
+		return "", err
+	}
+	f, err := os.OpenFile(keysFile, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
+	if err != nil {
+		return "", fmt.Errorf("failed to open keys file %q: %v", keysFile, err)
+	}
+	defer f.Close()
+	fmt.Fprintf(f, "# created: %s\n", time.Now().Format(time.RFC3339))
+	fmt.Fprintf(f, "# public key: %s\n", k.Recipient())
+	fmt.Fprintf(f, "%s\n", k)
+
+	pubkey := k.Recipient().String()
+
+	log.Ctx(ctx).Debug().Str("publicKey", pubkey).Msg("generating keypair")
+
+	return pubkey, nil
+}
+
+func List(ctx context.Context) ([]*age.X25519Identity, error) {
+	keysFile, err := Path()
+	if err != nil {
+		return nil, err
+	}
+
+	f, err := os.Open(keysFile)
+	if err != nil {
+		return nil, fmt.Errorf("failed to open keys file file %q: %w", keysFile, err)
+	}
+	ids, err := age.ParseIdentities(f)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse input: %w", err)
+	}
+
+	keys := make([]*age.X25519Identity, 0, len(ids))
+	for _, id := range ids {
+		key, ok := ids[0].(*age.X25519Identity)
+		if !ok {
+			return nil, fmt.Errorf("internal error: unexpected identity type: %T", id)
+		}
+		keys = append(keys, key)
+	}
+
+	return keys, nil
+}
diff --git a/dagger/state/store.go b/dagger/state/store.go
index 966d4494..d219942c 100644
--- a/dagger/state/store.go
+++ b/dagger/state/store.go
@@ -3,11 +3,13 @@ package state
 import (
 	"context"
 	"errors"
+	"fmt"
 	"os"
 	"path"
 	"path/filepath"
 	"strings"
 
+	"dagger.io/go/dagger/keychain"
 	"gopkg.in/yaml.v3"
 )
 
@@ -26,13 +28,33 @@ const (
 
 func Init(ctx context.Context, dir, name string) (*State, error) {
 	root := path.Join(dir, daggerDir)
-	err := os.Mkdir(root, 0755)
-	if err != nil {
+	if err := os.Mkdir(root, 0755); err != nil {
 		if errors.Is(err, os.ErrExist) {
 			return nil, ErrAlreadyInit
 		}
 		return nil, err
 	}
+	manifestPath := path.Join(dir, daggerDir, manifestFile)
+
+	st := &State{
+		Path: dir,
+		Name: name,
+	}
+	data, err := yaml.Marshal(st)
+	if err != nil {
+		return nil, err
+	}
+	key, err := keychain.Default(ctx)
+	if err != nil {
+		return nil, err
+	}
+	encrypted, err := keychain.Encrypt(ctx, manifestPath, data, key)
+	if err != nil {
+		return nil, err
+	}
+	if err := os.WriteFile(manifestPath, encrypted, 0600); err != nil {
+		return nil, err
+	}
 
 	err = os.WriteFile(
 		path.Join(root, ".gitignore"),
@@ -43,12 +65,7 @@ func Init(ctx context.Context, dir, name string) (*State, error) {
 		return nil, err
 	}
 
-	st := &State{
-		Path: dir,
-		Name: name,
-	}
-
-	return st, Save(ctx, st)
+	return st, nil
 }
 
 func Current(ctx context.Context) (*State, error) {
@@ -91,6 +108,11 @@ func Open(ctx context.Context, dir string) (*State, error) {
 	if err != nil {
 		return nil, err
 	}
+	data, err = keychain.Decrypt(ctx, data)
+	if err != nil {
+		return nil, fmt.Errorf("unable to decrypt state: %w", err)
+	}
+
 	var st State
 	if err := yaml.Unmarshal(data, &st); err != nil {
 		return nil, err
@@ -111,7 +133,13 @@ func Save(ctx context.Context, st *State) error {
 		return err
 	}
 
-	if err := os.WriteFile(path.Join(st.Path, daggerDir, manifestFile), data, 0600); err != nil {
+	manifestPath := path.Join(st.Path, daggerDir, manifestFile)
+
+	encrypted, err := keychain.Reencrypt(ctx, manifestPath, data)
+	if err != nil {
+		return err
+	}
+	if err := os.WriteFile(manifestPath, encrypted, 0600); err != nil {
 		return err
 	}
 
diff --git a/go.mod b/go.mod
index 3029f551..ab46d73b 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,8 @@ module dagger.io/go
 go 1.16
 
 require (
-	cuelang.org/go v0.4.0-rc.1
+	cuelang.org/go v0.4.0-beta.1
+	filippo.io/age v1.0.0-rc.1
 	github.com/HdrHistogram/hdrhistogram-go v1.1.0 // indirect
 	github.com/KromDaniel/jonson v0.0.0-20180630143114-d2f9c3c389db
 	github.com/containerd/console v1.0.2
@@ -17,7 +18,7 @@ require (
 	github.com/morikuni/aec v1.0.0
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opentracing/opentracing-go v1.2.0
-	github.com/rs/zerolog v1.22.0
+	github.com/rs/zerolog v1.21.0
 	github.com/spf13/cobra v1.1.3
 	github.com/spf13/viper v1.7.1
 	github.com/stretchr/testify v1.7.0
diff --git a/go.sum b/go.sum
index 56679f4b..a85441b1 100644
--- a/go.sum
+++ b/go.sum
@@ -44,12 +44,13 @@ contrib.go.opencensus.io/exporter/ocagent v0.5.0/go.mod h1:ImxhfLRpxoYiSq891pBrL
 contrib.go.opencensus.io/exporter/stackdriver v0.12.1/go.mod h1:iwB6wGarfphGGe/e5CWqyUk/cLzKnWsOKPVW3no6OTw=
 contrib.go.opencensus.io/integrations/ocsql v0.1.4/go.mod h1:8DsSdjz3F+APR+0z0WkU1aRorQCFfRxvqjUUPMbF3fE=
 contrib.go.opencensus.io/resource v0.1.1/go.mod h1:F361eGI91LCmW1I/Saf+rX0+OFcigGlFvXwEGEnkRLA=
-cuelang.org/go v0.4.0-rc.1 h1:X8fsqVhLCvXFhsWMGbI8rjTal45YOgt+ko+m7rOCySM=
-cuelang.org/go v0.4.0-rc.1/go.mod h1:tz/edkPi+T37AZcb5GlPY+WJkL6KiDlDVupKwL3vvjs=
+cuelang.org/go v0.4.0-beta.1 h1:/YjeAmymfNdTLSA3jHXNrj8Q+5Zq9by7qNOssqUBM+c=
+cuelang.org/go v0.4.0-beta.1/go.mod h1:tz/edkPi+T37AZcb5GlPY+WJkL6KiDlDVupKwL3vvjs=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20201218220906-28db891af037/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-filippo.io/age v1.0.0-beta7 h1:RZiSK+N3KL2UwT82xiCavjYw8jJHzWMEUYePAukTpk0=
 filippo.io/age v1.0.0-beta7/go.mod h1:chAuTrTb0FTTmKtvs6fQTGhYTvH9AigjN1uEUsvLdZ0=
+filippo.io/age v1.0.0-rc.1 h1:jQ+dz16Xxx3W/WY+YS0J96nVAAidLHO3kfQe0eOmKgI=
+filippo.io/age v1.0.0-rc.1/go.mod h1:Vvd9IlwNo4Au31iqNZeZVnYtGcOf/wT4mtvZQ2ODlSk=
 filippo.io/edwards25519 v1.0.0-alpha.2/go.mod h1:X+pm78QAUPtFLi1z9PYIlS/bdDnvbCOGKtZ+ACWEf7o=
 git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
 git.apache.org/thrift.git v0.12.0/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
@@ -879,8 +880,8 @@ github.com/rogpeppe/go-internal v1.5.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE
 github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
 github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
-github.com/rs/zerolog v1.22.0 h1:XrVUjV4K+izZpKXZHlPrYQiDtmdGiCylnT4i43AAWxg=
-github.com/rs/zerolog v1.22.0/go.mod h1:ZPhntP/xmq1nnND05hhpAh2QMhSsA4UN3MGZ6O2J3hM=
+github.com/rs/zerolog v1.21.0 h1:Q3vdXlfLNT+OftyBHsU0Y445MD+8m8axjKgf2si0QcM=
+github.com/rs/zerolog v1.21.0/go.mod h1:ZPhntP/xmq1nnND05hhpAh2QMhSsA4UN3MGZ6O2J3hM=
 github.com/rubiojr/go-vhd v0.0.0-20160810183302-0bfd3b39853c/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
@@ -899,7 +900,6 @@ github.com/securego/gosec v0.0.0-20200103095621-79fbf3af8d83/go.mod h1:vvbZ2Ae7A
 github.com/securego/gosec v0.0.0-20200401082031-e946c8c39989/go.mod h1:i9l/TNj+yDFh9SZXUTvspXTjbFXgZGP/UvhU1S65A4A=
 github.com/securego/gosec/v2 v2.3.0/go.mod h1:UzeVyUXbxukhLeHKV3VVqo7HdoQR9MrRfFmZYotn8ME=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
-github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
 github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/serialx/hashring v0.0.0-20190422032157-8b2912629002/go.mod h1:/yeG0My1xr/u+HZrFQ1tOQQQQrOawfyMUH13ai5brBc=
 github.com/shirou/gopsutil v0.0.0-20190901111213-e4ec7b275ada/go.mod h1:WWnYX4lzhCH5h/3YBfyVA3VbLYjlMZZAQcW9ojMexNc=
@@ -1084,6 +1084,7 @@ golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 h1:/ZScEX8SfEmUGRHs0gxpqteO5nfNW6axyZbBdw9A12g=
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=