04 — Storage Features

Differentiators that exploit BitVault’s content-addressed core (storage/) for things commodity file apps can’t easily do: provable integrity, zero-knowledge privacy, time-travel, and immutability.


S1 — E2E Encrypted Private Vaults ⭐ flagship

Full treatment in 01 §4. Opt-in zero-knowledge tier; per-file content keys wrapped per recipient; honest tradeoff (no server-side search/preview/dedup on E2E data). Complexity XL · Resume Very High.


S2 — Verifiable Storage (CIDs + Merkle proofs) ⭐ flagship

Full treatment in 01 §6. Content IDs + inclusion proofs + signed receipts → prove integrity without trusting the server. Complexity M–L · Resume Very High.


S3 — Time-Travel / Point-in-Time Browse

Browse the entire namespace as it existed at any past timestamp — not just per-file version history, but “show me my whole /projects folder as of last Tuesday 3pm.”

   
Why it matters “Undo for your whole filesystem” / ransomware recovery / point-in-time exploration — a beloved, demoable feature that falls out of the journal.
Complexity M — journal replay + a time-scoped read path + UI; bounded by journal retention.
Dependencies Change journal + versioning (storage/07), backup retention alignment (platform/12).
Resume impact Medium. Event-sourced temporal queries are a tidy systems story.

Write-once-read-many vaults where objects cannot be modified or deleted until a retention period elapses (or a legal hold releases).

   
Why it matters Compliance (SEC 17a-4, etc.) + a strong anti-ransomware guarantee (even an admin can’t delete).
Complexity M — provider object-lock + GC/retention integration + policy surface.
Dependencies Storage WORM (storage/07), GC grace (storage/11).
Resume impact Medium. Compliance storage with correct GC interaction.

S5 — Content Transformation Pipeline

Automatic, event-driven derived assets: thumbnails, video transcodes, document previews, OCR text, virus scans — generated by Functions/plugins on upload.

flowchart LR
    classDef e fill:#fde68a,stroke:#b45309,color:#111827;
    classDef f fill:#bbf7d0,stroke:#15803d,color:#111827;
    up["upload → NodeChanged"]:::e --> bus["event bus (08)"]:::e
    bus --> t1["thumbnail fn"]:::f
    bus --> t2["transcode fn"]:::f
    bus --> t3["OCR / extract fn"]:::f
    bus --> t4["AV scan fn"]:::f
    t1 & t2 & t3 & t4 --> der["derived assets + metadata (content-addressed, dedup'd)"]:::f
   
Why it matters Previews/transcodes are expected of a serious file product; doing it via the plugin/Functions platform showcases composability and is extensible by users.
Complexity M atop Functions; individual transforms (transcode) have their own depth, offloaded to plugins.
Dependencies Functions (06), plugins (09), events (08).
Resume impact Medium. Event-driven media pipeline; strongest as proof the platform composes.

Priorities within storage

S1/S2 are the flagship trust pair. S3 (time-travel) is cheap, demoable delight. S5 showcases the platform. S4 is compliance table-stakes done correctly.