
Safedoc Network
Safedoc Network was a group project focused on building a decentralized platform for securely uploading, encrypting, and archiving documents using Web3 technologies.
Overview
Safedoc Network was a collaborative project aimed at creating a secure, decentralized platform where students could upload project files or documents. The system encrypted these files during transmission and stored them across a distributed storage network, ensuring long-term accessibility and security.
The project emphasized user authentication, document integrity, and future-proof storage by leveraging decentralized Web3 technologies.
Project Description
Problem
Traditional academic institutions often rely on centralized and analog systems for document submission and storage, which are not future-proof and are cumbersome for students to use. There was a need for a more robust solution that ensures the confidentiality, integrity, and legally required long-term availability of student-submitted documents.
Key Objectives
- Secure Document Submission: Enable students to upload documents securely, ensuring data is encrypted during transit.
- Decentralized Storage: Utilize a distributed storage network to prevent data loss and enhance availability.
- User Authentication: Implement robust authentication mechanisms to ensure that only authorized personnel can access sensitive documents.
- Long-Term Accessibility: Design the system to maintain document accessibility and integrity over extended periods without relying on centralized infrastructure.
Technical Approach
- Encryption: Employed HashiCorp Vault’s Transit Engine to encrypt documents during transmission, ensuring data confidentiality.
- Decentralized Storage: Leveraged Storj’s decentralized cloud storage platform to distribute encrypted document fragments across a global network of nodes, enhancing data redundancy and availability.
- Microservices Architecture: Adopted a microservices-based architecture using Docker containers orchestrated with Docker Compose for modularity and scalability.
- API Management: Integrated Kong Gateway for efficient API routing and security management.
- Reverse Proxy: Utilized Traefik as a reverse proxy and load balancer to manage incoming traffic and ensure high availability.
- Authentication and Authorization: Implemented Auth0 to manage user login, authentication flows, and access control.
- Frontend Development: Built the user interface using Next.js, offering a responsive and intuitive platform for both students and administrators.
- Monorepo with Turborepo: The project utilized a monorepo structure, managed with Turborepo, to efficiently manage multiple services and components within a single repository. This streamlined dependency management, build processes, and code sharing.
- Security: Security best practices were followed, including firewall rules for HashiCorp Vault and creating additional users with restricted rights on server instances.
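The Encryption item above, sketched as an added example in the JavaScript an API microservice would use; this is not code from the Safedoc project. The Vault address, the key name `safedoc-docs` and all function names are assumptions, and the version check goes beyond the page by showing how the key version embedded in each Transit ciphertext can be used to audit a long-term archive after key rotation.

```javascript
// Added example. VAULT_ADDR and KEY_NAME are placeholders, not project values.
const VAULT_ADDR = "https://vault.example.internal:8200";
const KEY_NAME = "safedoc-docs"; // hypothetical Transit key name

// Transit takes base64 plaintext and never stores it; only ciphertext comes back.
function buildEncryptRequest(fileBytes, token) {
  return {
    url: `${VAULT_ADDR}/v1/transit/encrypt/${KEY_NAME}`,
    method: "POST",
    headers: { "X-Vault-Token": token, "Content-Type": "application/json" },
    body: JSON.stringify({ plaintext: Buffer.from(fileBytes).toString("base64") }),
  };
}

function buildDecryptRequest(ciphertext, token) {
  parseCiphertext(ciphertext); // refuse to send anything that is not Transit output
  return {
    url: `${VAULT_ADDR}/v1/transit/decrypt/${KEY_NAME}`,
    method: "POST",
    headers: { "X-Vault-Token": token, "Content-Type": "application/json" },
    body: JSON.stringify({ ciphertext }),
  };
}

// Transit ciphertext has the form "vault:v<key version>:<base64 payload>".
function parseCiphertext(ciphertext) {
  const m = /^vault:v([1-9]\d*):([A-Za-z0-9+/]+={0,2})$/.exec(String(ciphertext));
  if (!m) throw new Error("not a Transit ciphertext");
  return { keyVersion: Number(m[1]), payload: m[2] };
}

// Archive hygiene: list stored objects encrypted under a key version older
// than minVersion, i.e. candidates for Transit's rewrap endpoint after rotation.
function needsRewrap(records, minVersion) {
  return records
    .filter((r) => parseCiphertext(r.ciphertext).keyVersion < minVersion)
    .map((r) => r.id);
}

// Encrypt one upload. `transport` defaults to fetch and can be stubbed in tests.
async function encryptDocument(fileBytes, token, transport = fetch) {
  const req = buildEncryptRequest(fileBytes, token);
  const res = await transport(req.url, req);
  if (!res.ok) throw new Error(`Vault returned HTTP ${res.status}`);
  const { data } = await res.json();
  parseCiphertext(data.ciphertext); // fail closed: never forward plaintext to storage
  return data.ciphertext;
}
```

Validating the `vault:v<N>:` prefix before handing data to the storage layer means a misrouted or failed encryption call cannot silently place an unencrypted document in the archive.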
Technologies and Key Highlights
- Storj
Decentralized cloud storage selected for its strong global node network, encrypted file fragment storage, and ability to ensure high file availability without reliance on centralized providers.
- HashiCorp Vault
Used as an encryption-as-a-service solution, ensuring secure encryption and decryption of documents without persisting unencrypted data, based on the Transit Engine.
- Auth0
Provided secure user authentication and session management. It handled user login (email/password) and assigned appropriate roles for access control.
- Next.js
Next.js enabled server-side rendering and a seamless user experience across devices.
- Docker
Used for containerization to simplify development, testing, and deployment. Docker containers ensured consistent environments and easy scaling.
- Supabase
Adopted as the backend database to store application metadata and document references.
- Kong Gateway
Acted as a central API gateway to manage service-to-service communication, security policies, and routing between microservices.
- hapi.dev
A framework used to create the API microservice.
- Traefik
Implemented as a dynamic reverse proxy and load balancer, automatically handling SSL certificates and intelligent routing for incoming traffic.
- GitHub Actions
Used for CI/CD automation to streamline build, test, and deployment pipelines, ensuring quick iteration and safe updates.
- Turborepo
Turborepo was used to manage the project’s monorepo structure, streamlining dependency management, build processes, and code sharing.
- DigitalOcean
Provided the cloud infrastructure for hosting services, ensuring high availability and scalability at reasonable costs.
Motivation and Vision
While Safedoc Network was developed as a university project, it embodies a broader vision for secure and decentralized document management systems. The project’s architecture and approach demonstrate the potential for applying Web3 technologies to address common challenges in data security, integrity, and accessibility.
Potential future applications of this system could extend to sectors requiring highly reliable document handling, such as legal, healthcare, academic, and governmental institutions.
The Safedoc Network project showcases how decentralization can empower more secure, resilient, and user-owned digital systems.
Status
Safedoc Network was developed as a prototype for academic purposes. Although it is not publicly deployed, the project serves as a proof of concept, illustrating the practical application of decentralized technologies in secure document management systems.