I developed Hedystia following the architectural style of Elysia, as I really appreciate its design. However, I ran into significant hurdles when connecting the frontend and backend using Eden. In a diverse team environment, maintaining synchronized type builds can be difficult, often forcing other developers to require direct API access just to work. I built Hedystia with a more professional team workflow in mind, specifically to eliminate these bottlenecks and the issues I encountered with Elysia.

TECTO (Transport Encrypted Compact Token Object) is a lightweight token protocol
that fully encrypts token contents using XChaCha20-Poly1305, unlike JWTs, which
are only base64-encoded and readable by anyone.
Key features:
- Fully encrypted payloads (mathematically unreadable without the 32-byte secret)
- Authenticated encryption with Poly1305 integrity tags
- Per-token cryptographic nonces generated from a CSPRNG
- Generic error messages to prevent oracle attacks
- Key rotation support with multiple keystore backends (Memory, SQLite, PostgreSQL, MariaDB)
- Replay protection via jti claims
- Zero-copy plaintext cleanup
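
The properties listed above, shown as an added Node.js example that is not TECTO's code, API or wire format: it contrasts a readable JWT payload with an encrypted token that fails with one generic error. Assumptions: Node's built-in `chacha20-poly1305` (12-byte nonce) stands in for XChaCha20-Poly1305 (24-byte nonce), and the token layout, the function names and the single-use `jti` check held in an in-memory set are all hypothetical.

```javascript
const crypto = require("node:crypto");

// Assumed layout (not TECTO's): base64url(nonce || ciphertext || tag)
const ALG = "chacha20-poly1305"; // stand-in cipher; XChaCha20 uses a 24-byte nonce
const NONCE_LEN = 12, TAG_LEN = 16;
const seenJti = new Set();       // in-memory replay cache (assumption)

// A JWT payload is base64url-encoded JSON: no key is needed to read it.
const readJwtPayload = (jwt) =>
  JSON.parse(Buffer.from(jwt.split(".")[1], "base64url").toString("utf8"));

function seal(claims, key) {
  const nonce = crypto.randomBytes(NONCE_LEN); // fresh CSPRNG nonce per token
  const c = crypto.createCipheriv(ALG, key, nonce, { authTagLength: TAG_LEN });
  const body = JSON.stringify({ jti: crypto.randomUUID(), ...claims });
  const ct = Buffer.concat([c.update(body, "utf8"), c.final()]);
  return Buffer.concat([nonce, ct, c.getAuthTag()]).toString("base64url");
}

function open(token, key, now = Math.floor(Date.now() / 1000)) {
  try {
    const raw = Buffer.from(String(token), "base64url");
    if (raw.length < NONCE_LEN + TAG_LEN) throw new Error("short");
    const nonce = raw.subarray(0, NONCE_LEN);
    const tag = raw.subarray(raw.length - TAG_LEN);
    const ct = raw.subarray(NONCE_LEN, raw.length - TAG_LEN);
    const d = crypto.createDecipheriv(ALG, key, nonce, { authTagLength: TAG_LEN });
    d.setAuthTag(tag);
    const pt = Buffer.concat([d.update(ct), d.final()]); // throws on tag mismatch
    const claims = JSON.parse(pt.toString("utf8"));
    pt.fill(0); // wipe the decrypted buffer (parsed values still live in JS memory)
    if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
    if (typeof claims.jti !== "string" || seenJti.has(claims.jti)) throw new Error("replay");
    seenJti.add(claims.jti);
    return claims;
  } catch {
    // One message for bad encoding, wrong key, tampering, expiry and replay,
    // so the caller cannot tell which check failed.
    throw new Error("invalid token");
  }
}
```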