Mobidata — preowned mobile registry
Tamper-evident intake for phone shops: 10 photos plus a consent video per device, backed by an 11-layer durability stack across R2, B2, and Postgres PITR.
- Client
- Mobidata
- Industry
- Marketplace
- Year
- 2025
- Duration
- 20 weeks
The problem we walked into.
When the registry is the legal record, you cannot lose data and you cannot quietly tamper with it. Every record needed verifiable provenance — client-side hashes, multipart upload checks, RFC3161 timestamps — and the durability strategy had to survive a regional outage.
How we framed it.
Eleven layers of durability: client-side SHA-256 verified server-side, multipart R2 upload with integrity checks, monthly immutable Backblaze B2 archive, daily Postgres PITR via wal-g, RFC3161 timestamps on consent videos, 4-eyes hard-delete with token rotation, nightly 1% sampling, and a weekly automated restore drill.
What we shipped.
A seller-side intake flow that uploads with verifiable hashes, an admin console gated by 4-eyes for destructive actions, and a CI-driven weekly restore drill that proves the backup tier works. Single source of truth for design tokens fanned out to web and Flutter.
- Phone intake: 10 photos + 1 consent video per record, SHA-256 client + server verification
- Multi-tier storage: R2 primary, monthly immutable B2 archive, Postgres PITR (7-day)
- RFC3161 trusted timestamps on consent videos for legal defensibility
- 4-eyes hard-delete with token rotation, 2FA, and key escrow
- Weekly automated restore drill from B2 → test environment with full schema validation
Shirtology — Shopify multi-store ops
Multi-store Shopify back-of-house: bulk-operation product sync at 10k scale, wholesale tagging, R2-cached invoice generation, and security-tested edge deploys.
Have an idea worth building?
Tell us about your project. We'll come back within 24 hours with a plan and a quote.
Start a project