DorsalUpload

Zero-knowledge encrypted uploads.

DorsalUpload

Define upload routes against customer-owned S3 while keeping files encrypted before they leave the browser. Your app keeps the keys; DorsalUpload coordinates ciphertext uploads.

View route config Open dashboard
insurance-appeal.pdf 2.4 MB plaintext

Encrypted in browser before direct upload

ciphertext_sha256 7f3a9c1d8b2e4c91a8f0d3e9c2...
key envelope RSA-OAEP-256 + A256GCM

Compatibility target

Define routes with familiar builder APIs.

DorsalUpload keeps the developer-facing API familiar: route config, middleware, input parsing, `onUploadComplete`, React components, and `DorsalUploadApi`. 

import { createDorsalUpload, type FileRouter } from "dorsalupload/server";

const f = createDorsalUpload();

export const uploadRouter = {
  pdfUploader: f({ pdf: { maxFileSize: "16MB", maxFileCount: 1 } })
    .middleware(async ({ input }) => ({ userId: input.userId }))
    .onUploadComplete(async ({ file, metadata }) => {
      await saveEncryptedObject({
        userId: metadata.userId,
        objectKey: file.key,
        envelope: file.dorsal.key_envelope
      });
    }),
} satisfies FileRouter;

Zero-knowledge flow

Rust signs. The browser uploads ciphertext.

01

Browser

AES-GCM encrypts bytes locally

02

DorsalUpload API

Signs a direct upload URL for ciphertext only

03

File Delivery

Persists encrypted objects under org/app routes

04

Callback

onUploadComplete receives safe metadata

Developer docs

DorsalUpload-shaped APIs, DorsalUpload security defaults.

  • Axum and Tokio API with bounded JSON request bodies
  • Postgres schema for apps, routes, files, envelopes, usage, jobs, and audit
  • Direct upload and download URLs for encrypted objects
  • Browser-side AES-GCM encryption and RSA-OAEP key wrapping
  • Migration guide, compatibility matrix, threat model, and framework quickstarts

Pricing

Bring your S3. Pay for coordination.

Dev

$0

Local setup, mock presigns, and 1,000 monthly encrypted uploads.

Pro

$29/mo

Production apps, API keys, usage tracking, and larger encrypted uploads.

Business

Custom

Higher limits, operational review, and launch support for regulated data flows.

Security model

No plaintext document bytes in the normal DorsalUpload path.

The SDK encrypts, the API validates envelope v1 and signs short-lived S3 URLs, and your app keeps private keys. Developers still own plaintext before encryption and after local decryption.

  • Versioned `RSA-OAEP-256+A256GCM` envelopes
  • Customer-owned S3 buckets and short signed URL expiry
  • Hashed API keys and once-only secret display
  • Structured JSON logs with sensitive fields redacted
  • Readiness checks, metrics, audit events, and migration reports