Vault gets wiped on startup when using pass #470

Open
beauby opened this issue Mar 28, 2024 · 4 comments · May be fixed by #486

beauby commented Mar 28, 2024

Using pass on Linux, the vault gets wiped when starting proton-bridge (bridge -c) if the gpg key is not unlocked (the key has a passphrase):

WARN[Mar 28 17:05:26.856] Failed to get test credentials from keychain  error="exit status 2: gpg: public key decryption failed: No such file or directory\ngpg: decryption failed: No such file or directory\n" helper="*pass.Pass"
WARN[Mar 28 17:05:26.948] Failed to load existing vault, vault has been reset  error="failed to decrypt vault: cipher: message authentication failed"
WARN[Mar 28 17:05:26.953] The vault is corrupt and has been wiped      

Expected Behavior

Gracefully fail, or prompt to unlock.

Current Behavior

Wipe out the vault.

Steps to Reproduce

  1. Set up pass with passphrase-protected gpg key
  2. Run bridge -c

Version Information

3.10.0


zwets commented Mar 29, 2024

A big +1 on this issue. It has happened a few times that I either dismissed the GPG password dialog box or waited too long to fill it in (apparently there is a timeout).

What happens then is that I lose everything and need to set up bridge all over again: settings, accounts, client-side passwords, followed by the long and costly re-download of my whole mailbox.

I would be very happy if this were fixed!


deiKruve commented Apr 9, 2024

I use the following sequence on Debian:

pass xxx

This will ask for the passphrase and give the key. It opens the database. The database seems to stay open for a limited time.
Thereafter I can start bridge without a problem.

protonmail-bridge --cli

j.

@JonathanReeve

This is a big problem, since whenever the vault gets wiped, I have to do this:

  1. Check the CLI for a new password
  2. Edit the password in pass with the new password, for IMAP
  3. Do the same for SMTP
  4. Export the new cert.pem key
  5. Move the key to the location where my mail agent (isync/mbsync) is configured to find it
  6. Wait for a large sync operation to sync all my mail over again
  7. Trash my whole maildir folder, since the UID validity has now changed, and mbsync won't sync any more
  8. Recreate the maildir

@kira-bruneau kira-bruneau linked a pull request Jul 23, 2024 that will close this issue

Always-Self-Hosted commented Jan 12, 2025

It looks like this is still an issue, even if you don't set a password for your gpg key. I know my example is trying to run proton-bridge headless in a docker container, but regardless, the issue is the same. Despite mounting volumes to persist the required files, even in the same container just restarting the process results in the vault being recreated and the imap/smtp passwords changing.

# Build stage: compile the headless bridge from source
FROM golang:1.21.9 AS build
ARG PROTON_BRIDGE_VERSION
RUN apt-get update && apt-get install -y libsecret-1-dev
RUN git clone https://github.com/ProtonMail/proton-bridge.git
WORKDIR proton-bridge
RUN git checkout tags/v$PROTON_BRIDGE_VERSION
RUN make build-nogui

# Runtime stage
FROM debian:12.8-slim
COPY --from=build /go/proton-bridge /opt/proton-bridge
ENV PATH="$PATH:/opt/proton-bridge"
RUN apt-get update && apt-get install --assume-yes --no-install-recommends \
    gnupg \
    pass \
    libsecret-1-dev \
    && rm -rf /var/lib/apt/lists/*
# GPG key with an empty passphrase, used to initialise the pass store
RUN gpg --batch --passphrase "" --quick-gen-key "proton-bridge" default default never
RUN pass init "proton-bridge"
EXPOSE 1025
EXPOSE 1143
# Log in through the CLI, then start the bridge in non-interactive mode
CMD ( echo "login"; echo $PROTON_EMAIL; echo $PROTON_PASSWORD; sleep 15s; echo "info 0"; echo "exit" ) | proton-bridge --cli && proton-bridge --noninteractive

2025-01-12 10:18:12.151872+00:00 WARN[Jan 12 10:18:12.151] Failed to add test credentials to keychain    error="failed to open dbus connection: exec: \"dbus-launch\": executable file not found in $PATH" helper="*keychain.SecretServiceDBusHelper"
2025-01-12 10:18:12.413630+00:00 WARN[Jan 12 10:18:12.413] no vault key found, generating new            error="could not get keychain item: credentials not found in native keychain"
2025-01-12 10:18:13.676839+00:00 WARN[Jan 12 10:18:13.676] Failed to load existing vault, vault has been reset  error="failed to decrypt vault: cipher: message authentication failed"
2025-01-12 10:18:13.690527+00:00 WARN[Jan 12 10:18:13.690] The vault is corrupt and has been wiped

*** edit ***
OK, this might have nothing to do with the gpg key. I think my issue is docker related: the dbus isn't running, which means proton-bridge can't read or add keys to my pass keyring and so goes ahead and creates a brand new vault every time?
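
The "gracefully fail" behaviour requested in this thread, as an added example that is not part of the thread and is not proton-bridge's code: a vault loader that treats a locked or unreachable keychain, and an AEAD failure, as reasons to stop rather than reset. `LoadVault`, `Seal`, `ErrNoKey` and `ErrUntouched` are hypothetical names, and AES-GCM is assumed as the vault cipher (the `cipher: message authentication failed` text in the logs above is what Go's AEAD returns when the key does not match).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

var ErrNoKey = errors.New("keychain has no vault key") // helper answered: nothing stored
var ErrUntouched = errors.New("vault left untouched")  // fail closed, never reset

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func Seal(key, plain []byte) []byte { // builds the constructed sample vault: nonce || ciphertext
	gcm, _ := newGCM(key)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, plain, nil)
}

// LoadVault (hypothetical) takes the keychain lookup result and the vault file bytes.
func LoadVault(key []byte, keyErr error, blob []byte) ([]byte, error) {
	if errors.Is(keyErr, ErrNoKey) && len(blob) == 0 {
		return nil, ErrNoKey // genuine first run: caller may create key and vault
	}
	if keyErr != nil { // locked key, dismissed prompt, helper unreachable, key lost
		return nil, fmt.Errorf("%w: %v", ErrUntouched, keyErr)
	}
	gcm, err := newGCM(key)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, fmt.Errorf("%w: bad key or truncated vault", ErrUntouched)
	}
	plain, err := gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
	if err != nil { // wrong key and corruption are indistinguishable under AEAD
		return nil, fmt.Errorf("%w: %v", ErrUntouched, err)
	}
	return plain, nil
}

func main() {
	fmt.Println(LoadVault(nil, errors.New("gpg: decryption failed"), Seal(make([]byte, 32), []byte("x"))))
}
```

Only the `ErrNoKey` result with no vault on disk lets the caller create a new key; every other failure returns `ErrUntouched`, so the caller can prompt for the passphrase or exit with the existing vault file intact.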
