WRITING
Notes on building and running systems
Engineering write-ups — architecture, security, and the occasional war story.
01
An encrypted handshake on top of TLS — and why I built one
Application-layer payload encryption for auth: ephemeral ECDH P-256 → HKDF → AES-256-GCM, with replay protection. What it buys you, and what it doesn't.Jun 5, 2026 · 2 min read
02
Two databases on purpose: Postgres and MongoDB, each where it fits
Polyglot persistence is a smell when it's accidental and a strength when it's deliberate. Here's the split I chose and the rule that keeps it sane.Jun 3, 2026 · 2 min read