Active · May 27, 2026
docvault
docvault
Test
Project log
Chronological record of troubleshooting, retros, and updates while building this.
AI-scaffolded the full DocVault skeleton in a single 92-file commit
Tech retroMar 24, 2026 · 1 min
Ran the 8-phase implementation plan from CLAUDE.md to a working end-to-end skeleton in one commit, with AI assistance. Surface coverage was wide but depth was thin — the interesting parts came later.
Moved audit-log tamper detection from app code to PostgreSQL triggers
Tech retroMar 25, 2026 · 1 min
Added a SHA-256 hash chain on audit_logs and endpoint_events via DB triggers, plus UPDATE/DELETE prevention. Chose DB-level enforcement so any insert path — including ad-hoc psql — is forced through the chain.
Replaced AES-CTR with chunked AES-GCM after finding the file body had no MAC
TroubleshootMay 27, 2026 · 2 min
A documentation audit revealed README claimed AES-256-GCM but the actual cipher on file bodies was CTR with no authentication tag. Rewrote encryption.go as chunked GCM with truncation and reorder defenses, and fixed a concurrent-INSERT race in the hash chain triggers in the same commit.