Technical Architecture
For developers and privacy enthusiasts. Our planned architecture for the Recordwell backend.
Architecture overview
Recordwell will follow a "dumb server" design. The server stores encrypted blobs and handles authentication - nothing more. All the intelligence lives in the client.
- iOS Client - SwiftUI app with local Core Data storage, CryptoKit for encryption
- Auth Server - Rust-based OPAQUE authentication (RFC 9807), runs on Cloudflare Workers or Docker
- Storage - Any S3-compatible backend (AWS S3, MinIO, Cloudflare R2)
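The client/server split described above, sketched with CryptoKit as an added example (this is not Recordwell's code). The choice of ChaChaPoly with HKDF-SHA256, the `records/<uuid>` object key layout, the random master key and all function names are assumptions made for illustration.

```swift
import CryptoKit
import Foundation

// Added example; every name below is hypothetical, not Recordwell's API.

/// Everything the server would ever hold for one record.
struct EncryptedBlob {
    let objectKey: String  // S3 object key (assumed layout: records/<uuid>)
    let body: Data         // nonce || ciphertext || Poly1305 tag
}

func objectKey(for recordID: UUID) -> String { "records/\(recordID.uuidString)" }

/// Per-record key derived on the device from a master key that never leaves it.
func recordKey(master: SymmetricKey, recordID: UUID) -> SymmetricKey {
    HKDF<SHA256>.deriveKey(
        inputKeyMaterial: master,
        salt: Data("example-salt".utf8),          // constructed value
        info: Data(recordID.uuidString.utf8),
        outputByteCount: 32)
}

func sealRecord(_ plaintext: Data, recordID: UUID, master: SymmetricKey) throws -> EncryptedBlob {
    let name = objectKey(for: recordID)
    // The object key is authenticated as associated data, so a blob that is
    // served under the wrong key fails to open on the client.
    let box = try ChaChaPoly.seal(plaintext,
                                  using: recordKey(master: master, recordID: recordID),
                                  authenticating: Data(name.utf8))
    return EncryptedBlob(objectKey: name, body: box.combined)
}

func openRecord(_ body: Data, recordID: UUID, master: SymmetricKey) throws -> Data {
    let box = try ChaChaPoly.SealedBox(combined: body)
    return try ChaChaPoly.open(box,
                               using: recordKey(master: master, recordID: recordID),
                               authenticating: Data(objectKey(for: recordID).utf8))
}

// Constructed sample data: a random master key and two short records.
let master = SymmetricKey(size: .bits256)
let (a, b) = (UUID(), UUID())
let blobA = try sealRecord(Data("note A".utf8), recordID: a, master: master)
let blobB = try sealRecord(Data("note B".utf8), recordID: b, master: master)

let plain = try openRecord(blobA.body, recordID: a, master: master)
print(blobA.objectKey, blobA.body.count, String(decoding: plain, as: UTF8.self))

// A storage backend that returns record B's bytes when asked for record A is detected.
do { _ = try openRecord(blobB.body, recordID: a, master: master) }
catch { print("rejected substituted blob: \(error)") }
```

The storage backend only ever receives `objectKey` and `body`; it cannot read a record, and it cannot substitute one record's bytes for another without the client's authentication check failing.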
Planned self-hosting requirements
When self-hosting is available, you'll need:
- Docker host (any Linux server, Raspberry Pi, etc.)
- S3-compatible storage (MinIO works great for home use)
- Domain with TLS certificate (Let's Encrypt works fine)
The auth server will be a single Docker container. Storage is just a bucket. No database required for the minimal setup.
Why OPAQUE?
Most apps send your password (or a hash of it) to the server during login. OPAQUE is different - it's a Password-Authenticated Key Exchange that never reveals your password to the server.
Even if the auth server is compromised, attackers can't extract passwords. They can only attempt online brute-force attacks, which we rate-limit aggressively.
Open source
We're committed to making everything open source:
- iOS app - Swift, SwiftUI, CryptoKit
- Auth server - Rust, opaque-ke crate
- Documentation - Architecture Decision Records (ADRs)
We'll publish detailed ADRs explaining every security decision. No security through obscurity.
Roadmap
Our planned development path:
- iOS app with local-only storage (in progress)
- Hosted sync service with end-to-end encryption
- Self-hosting documentation and Docker images
- Family sharing with cryptographic access control
Subscribe to releases on GitHub to stay updated on our progress.