Now imagine answering with a cryptographic proof. One query. The exact permission state at that moment, cryptographically signed and verifiable. Not a reconstruction — proof.
That's where authorization needs to go.
That's what we're building with InferaDB.
Can you prove the timestamp is accurate?
Was this policy actually enforced, or just logged?
You can't answer. You're calling circumstantial evidence "proof."
This question breaks SOC 2 audits. You scramble to piece together a story: server logs here, auth service logs there, maybe some CloudTrail events. You're building a narrative from fragments.
Then they ask the follow-up:
How do you know these logs weren't modified?
Your authorization system can't prove it worked correctly yesterday.
Try it. Pull your logs and database backups. I'll wait.
It's not a policy you enforce. It's a mathematical constraint you can't violate.
That's the difference between checking a compliance box and building compliance into the architecture. That's InferaDB.
A consensus protocol works differently. If the protocol requires 3-of-5 nodes in the EU to commit a write, and only EU nodes exist in the quorum, the data physically cannot leave that jurisdiction. Not through misconfiguration. Not through a rogue deployment. Not at all.
You can't. Configuration is mutable. It can change, drift, break. You're trusting your deployment pipeline, your IaC reviews, your monitoring alerts—hoping nobody made a mistake.
The auditor comes back: how do you *know* customer data hasn't left the EU? You check your current config—looks good. Can you prove it never happened? That a misconfiguration didn't violate residency for 3 hours last month before someone caught it?
Your policy didn't change. Your *configuration* did.
Here's what breaks: you configure your database to deploy only in eu-west-1. Passes the audit. Six months later, someone adds disaster recovery in us-east-1 for redundancy. Or a performance optimization triggers cross-region replication. Or a terraform change accidentally updates the region config.
"We deploy in eu-west-1" is not a data residency guarantee.
A deployment configuration is a policy. A consensus protocol that physically can't replicate data outside a jurisdiction is a guarantee.
One satisfies an auditor's question. The other satisfies the follow-up.
InferaDB was built with verifiability at the foundation. Every permission decision gets cryptographically recorded in an immutable structure. You don't trust it worked — you prove it.
SOC 2 and HIPAA demand continuous control. If your auth layer can't cryptographically prove its own state, you're reconstructing narratives from scattered logs and hoping nothing's missing.
You log the outcome ("user X accessed resource Y"), but can you prove the decision was correct? That the policy was actually enforced, permissions hadn't drifted, nothing was tampered with?
Traditional auth systems weren't built for proof. They're optimized for speed: in-memory policy engines, cached role checks, ephemeral decisions that vanish the moment they're made.
Your authorization layer is the only part of your infrastructure you can't verify — and it's making every access decision.
You've got observability everywhere. APIs, databases, services — all instrumented. But auth? It's a black box. Outputs "allow" or "deny" and you trust it.
Marathon is the first extraction shooter I've found that doesn't feel like a second job.
Spent all weekend playing with my partner and friends. The cyberpunk aesthetic is stunning — combat is tight, and even short sessions feel rewarding. Most fun I've had with the genre!
We brought zero trust everywhere except the actual root of trust — where "allow" or "deny" becomes reality.
That's the problem we're solving with InferaDB.
It's policy engines, role tables, permission checks scattered across services. Constantly updated, rarely audited end-to-end. When it breaks or drifts out of sync, every system downstream inherits that failure.
No way to verify itself in real time.
Zero trust for identity? Check. For devices and networks? Yep. For workloads? Of course.
For the authorization layer that actually enforces access decisions? Crickets.
I'm building a little game engine in Metal/Vulkan from scratch with Claude Code (just for fun) and I decided I wanted to integrate a big throw back to my early gamer days — Starsiege Tribes skiing. I can't tell you how overjoyed I was that Claude understood this concept thoroughly.
I wrote about the technical details here: www.linkedin.com/pulse/trust...
For developers, this means one storage layer handles both performance and compliance. No separate logging systems. No piecing together audit trails. The database structure guarantees its own integrity.
We built a hybrid storage model that delivers sub-millisecond reads while maintaining full verifiability. Fast enough for real-time apps, trustworthy enough for SOC 2 and HIPAA.
InferaDB uses blockchain architecture to make authorization cryptographically verifiable. Every permission check, grant, and change creates an immutable audit trail you can prove; not just trust.
Ever wonder what's actually happening inside your authorization system? Traditional setups operate like black boxes: permissions go in, yes/no comes out, and you just hope nothing's been tampered with. We're changing that.
At the beginning of each workday, each player draws 7: three ‘Just Checking In’s, two ‘No Rush On This’s, one ‘Per My Last Email,’ and a legendary: ‘Let Me Know How I Can Help.’ You may play any number of kindness spells this turn.
Very early days, but you can follow along with Ferment's development at github.com/inferadb/fe...
Love building terminal UIs — it scratches an itch that's hard to define. Coming of age in the 90s hacking scene left an impression on me, I think. This is from @InferaDB CLI's `dev status --interactive` command. It's built using our Rust-native TUI framework inspired by Bubble Tea, called Ferment.
Two men in winter hats and glasses smiling in front of Chicago's reflective Cloud Gate sculpture ("The Bean") with city skyscrapers behind.
Five friends bundled in jackets pose smiling in front of Chicago's reflective Cloud Gate sculpture ("The Bean") on an overcast autumn day
Group of six friends seated around a round restaurant table, chatting and using phones, wine glass and place settings visible in a cozy, art-filled dining room.
In Chicago this week visiting with our dear friends 😊
