Gallery

List Item
List Item
List Item
List Item
List Item
List Item

Social Media

LEDGER 1

Result

          • ▫️99.9% reduction in unauthorized access attempts due to zero-trust access gates.
            ▫️Passed GDPR and ISO 27001 audits with zero security non-conformities.
            ▫️40% reduction in document access time with concurrent streaming and caching.
            ▫️100% of sensitive data encrypted at rest and in transit, with no server-side decryption.

Building a Zero-Trust, GDPR-Compliant Document Vault in Rust

Client Overview

    •  ▫️Client: Confidential (European Financial Services Conglomerate) 
    •  ▫️Industry: Financial Services, Legal Compliance
    •  ▫️Engagement Duration: 14 Months
    •  ▫️Region: EU (Operating across Germany, France, and the Netherlands)
    •  ▫️Team Deployed: 12 Rust Engineers, 2 Security Architects, 1 Compliance Officer

Objectives

    • ▫️Design a zero-trust document storage platform for storing and sharing high-sensitivity financial/legal documents.
    • ▫️Ensure full compliance with GDPR, ISO/IEC 27001, and internal regulatory frameworks.
    • ▫️Enable multi-party access control with cryptographic guarantees.
    • ▫️Provide an immutable audit trail for every document action without sacrificing privacy.
    • ▫️Future-proof the architecture with modular, blockchain-ready audit logging.
    •  

Solution

        • TechSteck Solutions developed a Rust-based document vault system from the ground up, leveraging cutting-edge cryptographic libraries and blockchain integrations to ensure end-to-end privacy, immutability, and access control.

Key Modules & Architecture

        •  1. Encrypted File Storage (Rust-Native)

        •  

          • ▫️Libraries Used: age, ring, and rust-crypto
          • ▫️Implementation Highlights:Files are encrypted client-side using ephemeral keys derived via X25519 ECDH exchange.
            • ▫️Keys are never stored on the server — enforcing zero-trust.
            • ▫️Encrypted shards are stored across multiple storage nodes with checksum validation.
            •  

          2. Multi-Party Access Control with ZK-Proofs

        •  

          • ▫️ZK Framework: arkworks-rs for lightweight ZK circuits
            • ▫️Users prove authorization using Zero-Knowledge Membership Proofs without revealing roles or identity.
            • ▫️Role-bound access is enforced at the API and storage layer.
            • ▫️Multi-sig-style approval for sensitive document actions (e.g., deletion, migration).

           

        • 3. Tamper-Proof Audit Logging

        •  

          • ▫️Immutable Logs:Every action (upload, view, access request, share) is hashed and written to a Merkle tree ledger.
            • ▫️Optionally backed by Hyperledger Fabric or a Substrate-based private chain.
LEDGER

Implementation Highlights

    •  

      Phase

      Description

      1. Requirements & Threat Modeling

      Security architecture aligned with GDPR and enterprise threat surfaces.

      2. Vault Core in Rust

      Designed async, thread-safe backend using tokio and actix.

      3. Crypto Layer

      Built custom ZK circuits and key management logic using ring and arkworks.

      4. Audit Chain

      Pluggable Merkle-chain log; deployed both off-chain & with Substrate.

      5. User Training & Compliance Testing

      Internal security team workshops and regulator sandbox testing.

Lessons Learned

          • ▫️ZK Proofs in Production Require Careful Design: Balancing proof complexity with real-time access performance is crucial.
          • ▫️Rust’s Type System Prevents Entire Classes of Bugs: Memory safety and performance were never compromised.

          ▫️Education Is Key: End-user and enterprise IT training was vital to ensure adoption without resistance.

Conclusion

    • By leveraging Rust’s performance and safety guarantees along with advanced cryptography, TechSteck Solutions delivered a next-gen Document Vault platform that redefines enterprise data security. The client now operates with unmatched confidence in the integrity, privacy, and compliance of their digital asset lifecycle

GET STARTED

If you would like to work with us or just want to get in touch, we’d love to hear from you!

Contact Us

Add: 2nd Floor, Bata Road, Plot No 16, NIT 1, Faridabad, Haryana 121001

 

Information

Term & Conditions

Privacy Policy

Let’s talk

©2025 | Techststeck Solutions