CipherStash Stack – Data Level Access Control in TS/JS

by dandraper · May 21, 2026 · 17 points · 0 comments

AI Analysis

Searchable encryption that runs queries over ciphertext, faster than calling AWS KMS directly.

Strengths
  • Value-level encryption with EQL allowing Postgres to filter/sort over ciphertext directly
  • ZeroKMS key management achieving 14x speedup over direct AWS KMS calls
  • Transparent SQL proxy enables legacy app integration with zero code changes
Weaknesses
  • Postgres-only support limits adoption for teams using MySQL, MongoDB, or other databases
  • Complex cryptography stack may require deep security audits before production trust
Target Audience

Backend developers, security engineers, SaaS founders handling sensitive data

Similar To

CryptDB · Microsoft Always Encrypted · CipherStash (previous versions)

Post Description

Hi HN, I'm Dan Draper, founder of CipherStash.

We've spent 5 years building per-value searchable encryption tech. We realized that encryption like this is incredibly powerful but the engineering required is generally not worth the effort. So we built a platform and open-source SDK to take the cry out of cryptography :)

CipherStash Stack is:

* A searchable encryption SDK for TS and Postgres
* Fast key management with ZeroKMS (backed by HSM)
* A transparent SQL proxy
* Auth library and OIDC federation service
* Skills for data security

Integrations include Prisma Next, Drizzle, Auth0, Clerk and Supabase.

Install and setup are done via a single npx stash init command, and it can hand off implementation to your agent.

You can start by encrypting just a single field and we've got the whole process down to around 15 minutes.

Oh, and it's fast: most queries run in a few ms, with many faster than that.

We published our full benchmarks here: https://github.com/cipherstash/benches#headline-numbers

I'd love to know what you think!
