- Architecture -- how KEK, DEK, and context flow through a request
- Ciphers -- AES-256-GCM vs XChaCha20-Poly1305, when to switch
- Threat model -- what Sealcraft protects against and what it does not
- Performance -- cache hit paths, request-lifetime costs
- Moving columns from APP_KEY to Sealcraft -- per-column adoption for apps already using the
encryptedcast
Contributors
Thank you to everyone who has contributed to this package. Every pull request, bug report, and idea makes a difference.
