This sample shows how to use the Crypto Shredding pattern with EventStoreDB. It can be a solution for handling, for example, the European General Data Protection Regulation.
Read more in the Diego Martin article "Protecting Sensitive Data in Event-Sourced Systems with Crypto Shredding".
- .NET 5.0 - https://dotnet.microsoft.com/download/dotnet/6.0.
- Visual Studio 2022, JetBrains Rider or VSCode.
- Docker - https://docs.docker.com/docker-for-windows/install/.
- Run: docker-compose up
- Wait until all Docker containers are up and running.
- Check that you can access each started component at the following URL:
- EventStoreDB UI: http://localhost:2113/
- Open, build and run tests in CryptoShredding.sln solution.
The general flow for using the Crypto Shredding pattern:
- Identify sensitive data in an event. See:
- Associate sensitive data to a subject. See:
- DataSubjectIdAttribute,
- and the usage in ContactAdded event.
- Store private encryption keys. See:
- Get rid of the private encryption key when desired. See: DeleteEncryptionKey method in CryptoRepository.
- Cryptographic algorithm to use when encrypting and decrypting. See:
- Encrypt text and other data types. See:
- Upstream serialization with encryption mechanism. See:
- Decrypt text and masking mechanism when it cannot be decrypted. See:
- Downstream deserialization with decryption mechanism. See:
- Wire up together with an EventStoreDB gRPC client. See:
- Test everything with an EventStoreDB. See:
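
The core of the flow above (per-subject key, field encryption, key deletion, masking on read), as an added example that is not the sample's own code. `SubjectKeyStore`, `FieldCrypto`, the `***` mask and the choice of AES-GCM with the subject id as associated data are assumptions made for illustration; the sample's CryptoRepository and its algorithm may differ.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
// Constructed sample values; the stored string is what would sit in the event payload.
var store = new SubjectKeyStore();
var stored = FieldCrypto.Encrypt(store, "subject-1", "jane@example.com");
Console.WriteLine(FieldCrypto.Decrypt(store, "subject-1", stored));
store.Delete("subject-1"); // shred: the stored event itself is never rewritten
Console.WriteLine(FieldCrypto.Decrypt(store, "subject-1", stored));
// Hypothetical in-memory key store, one AES-256 key per data subject.
public class SubjectKeyStore
{
    private readonly Dictionary<string, byte[]> keys = new();
    public byte[] GetOrCreate(string subjectId)
    {
        if (keys.TryGetValue(subjectId, out var key)) return key;
        key = new byte[32];
        RandomNumberGenerator.Fill(key);
        return keys[subjectId] = key;
    }
    public bool TryGet(string subjectId, out byte[] key) => keys.TryGetValue(subjectId, out key);
    public void Delete(string subjectId) => keys.Remove(subjectId);
}
public static class FieldCrypto
{
    public const string Mask = "***";
    public static string Encrypt(SubjectKeyStore store, string subjectId, string plain)
    {
        byte[] nonce = new byte[12], tag = new byte[16], data = Encoding.UTF8.GetBytes(plain);
        RandomNumberGenerator.Fill(nonce); // fresh nonce for every encryption under the same key
        var cipher = new byte[data.Length];
        using var aes = new AesGcm(store.GetOrCreate(subjectId)); // .NET 8+: pass the tag size too
        aes.Encrypt(nonce, data, cipher, tag, Encoding.UTF8.GetBytes(subjectId)); // subject id as AAD
        return Convert.ToBase64String(nonce.Concat(tag).Concat(cipher).ToArray());
    }
    public static string Decrypt(SubjectKeyStore store, string subjectId, string stored)
    {
        // The read path must never create a key, or a shredded subject would silently get a new one.
        if (!store.TryGet(subjectId, out var key)) return Mask;
        var blob = Convert.FromBase64String(stored);
        byte[] nonce = blob[..12], tag = blob[12..28], cipher = blob[28..];
        var plain = new byte[cipher.Length];
        using var aes = new AesGcm(key);
        aes.Decrypt(nonce, cipher, tag, plain, Encoding.UTF8.GetBytes(subjectId));
        return Encoding.UTF8.GetString(plain);
    }
}
```

With a durable key store, the shred only holds if deleting the key also covers its backups and replicas.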