API
Rust
Description
The embedded columnar graph database built for highly regulated industries.
I was evaluating LadybugDB for an application that handles sensitive data and ran into a blocker: everything is stored plaintext on disk. Node properties, relationship data, table names — all readable with a hex editor. I can't think of many "highly regulated industries" that don't require encryption at rest.
I only spent a minute sleuthing but it looks like VMCache uses mmap so there's no application-controlled I/O path where you could slot in encryption. You'd probably need to move to a traditional buffer pool with explicit pread()/pwrite() — similar to what DuckDB did when they added AES-GCM in v1.4, or how SQLCipher wraps SQLite's pager.
Obviously that's a big change. Just wanted to flag it since it's a hard blocker for us and likely others in other regulated spaces. Feel free to close if it's not on the roadmap.
API
Rust
Description
The embedded columnar graph database built for highly regulated industries.I was evaluating LadybugDB for an application that handles sensitive data and ran into a blocker: everything is stored plaintext on disk. Node properties, relationship data, table names — all readable with a hex editor. I can't think of many "highly regulated industries" that don't require encryption at rest.
I only spent a minute sleuthing but it looks like VMCache uses mmap so there's no application-controlled I/O path where you could slot in encryption. You'd probably need to move to a traditional buffer pool with explicit pread()/pwrite() — similar to what DuckDB did when they added AES-GCM in v1.4, or how SQLCipher wraps SQLite's pager.
Obviously that's a big change. Just wanted to flag it since it's a hard blocker for us and likely others in other regulated spaces. Feel free to close if it's not on the roadmap.