MikeWatch Forks of the Mike legal-AI codebase, distilled for legal-tech readers
Home · easterbrooka/mike · this thread

easterbrooka catches the encryption rollout before it ships broken

A fix to the encrypted-storage plumbing that would have crashed the first sealed write in production.

securityinfrastructure

easterbrooka's fork is rolling out encryption-at-rest - the kind of feature that keeps sensitive client data unreadable to anyone who manages to peek at the database. This change fixes a quiet but fatal gap in that rollout: encrypted values weren't being formatted in the way the database actually expected. The first attempt to save a sealed record in production would have failed outright, and lookups that match users by their hashed email would have silently broken alongside it.

The fix itself is small but disciplined. Every encrypted value heading to storage now gets wrapped in the right shape on the way out, and the team added tests that simulate the exact failure the production system would have surfaced - so any future regression trips an alarm before it leaves a laptop.

So what For anyone weighing Mike forks where encryption-at-rest matters, this is a sign the team is testing the boundary where cryptography meets storage, not just the cryptography itself.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?