01SWE

Role-based encrypted documents with audit logs

Design notes on document encryption, access boundaries, and auditability—plus why 'blockchain' is usually the least interesting part of the system.

Jan · 26 · 1 min read

My approach was role-first: define who can do what, then derive keys and storage rules from that.

Audit logs are only useful if they're queryable and explainable. I optimized for 'what happened and why' over cryptographic novelty.
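
One way to read the role-first approach and the 'what happened and why' audit requirement, as an added example that is not the author's code. The role names, the record fields, and the use of HKDF to bind a key-wrapping key to a role and document are all assumptions.

```python
import hashlib, hmac, json

# Constructed policy (role names are hypothetical): role -> permitted actions.
POLICY = {"author": {"read", "write"}, "reviewer": {"read"}, "auditor": set()}

def hkdf_sha256(ikm, info, length=32, salt=b""):
    """HKDF (RFC 5869) with HMAC-SHA256: extract, then expand."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def authorize(master_key, audit_log, actor, role, action, doc_id):
    """Decide from the role policy, log the decision with its reason, and
    derive a key only on allow. Returns the key, or None on deny."""
    if role not in POLICY:  # fail closed: an unknown role gets nothing
        allowed, reason = False, f"unknown role {role!r}"
    elif action in POLICY[role]:
        allowed, reason = True, f"role {role!r} grants {action!r}"
    else:
        allowed, reason = False, f"role {role!r} does not grant {action!r}"
    audit_log.append({"seq": len(audit_log) + 1, "actor": actor, "role": role,
                      "action": action, "doc": doc_id,
                      "decision": "allow" if allowed else "deny", "reason": reason})
    if not allowed:
        return None
    # Key-wrapping key bound to (role, document); the JSON list gives unambiguous
    # domain separation. A per-document data key would be wrapped under it.
    info = json.dumps(["doc-kek", role, doc_id]).encode()
    return hkdf_sha256(master_key, info)

def query(audit_log, **filters):
    """Return audit records whose fields equal every given filter."""
    return [r for r in audit_log if all(r.get(k) == v for k, v in filters.items())]

if __name__ == "__main__":
    log, master = [], bytes(32)  # constructed all-zero key, for demonstration only
    authorize(master, log, "alice", "author", "write", "doc-17")
    authorize(master, log, "bob", "reviewer", "write", "doc-17")
    for rec in query(log, doc="doc-17", decision="deny"):
        print(json.dumps(rec))
```

Denials are logged with the same structure as grants, so "who was refused, and why" is a field filter rather than a text search.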

The takeaway: secure systems are mostly about careful defaults and predictable recovery paths.