| hey hn, supabase ceo here Vault is a Postgres extension that wraps pgsodium/libsodium. It enables 2 key features: 1. Secrets management - you can store things like API Keys 2. Transparent Column Encryption (TCE)[0]. This allows you to encrypt a column in any of your tables, with a View for "selecting" out the decrypted data. It enables "row level encryption" too when you create a key for each row. The blog post details how it works with AEAD[1]. This is a secure way of encrypting "associated data". An easy way to explain this: Imagine you associated a `user_id` with a `credit_card_number` while you encrypt it. A bad-actor updates the `user_id` to their own ID. When they attempt to decrypt the `credit_card_number` it will fail because the data that is associated is different. (note: please don't store credit cards in supabase) We're rolling it progressively to the platform over the next month. Michel, the mastermind behind this one will be here to answer the questions that are above my head. this is the last big launch of the week. You can see everything we launched this week here[2]. Some highlights from today: pg_graphql v1.0[3] (re-written in rust), PostgREST 11[4], and PGroonga release for multilingual search. [0] TCE: https://supabase.com/blog/transparent-column-encryption-with... [1] AEAD: https://en.wikipedia.org/wiki/Authenticated_encryption#Authe... [2] Launch Week: https://supabase.com/blog/launch-week-6-wrap-up [3]: pg_graphql v1.0: https://supabase.com/blog/postgres-point-in-time-recovery [4]: PostgREST 11: https://supabase.com/blog/postgrest-11-prerelease |
You did it! The crazy sunoffabeach, you did it!
BRB, friendship ended with Firebase, Supabase is my new best friend.