A small selection of recent writing — long-form enough to be useful, short enough to read over a coffee.
A long-form treatment of how we design the encryption envelope for every on-device store. We cover Secure Enclave key storage, AES-GCM page-level encryption, key rotation strategy, the practical limits of biometric gating and why we still recommend opt-in passcode fallback even when biometrics succeed.
We open the lid on the rhythm generator behind our audio archive app — and explain why we chose procedural generation over pre-baked audio files.
A practical checklist of the DSA & ATT updates we have implemented this quarter — including the new ad-repository transparency report cadence and the consent revocation timeline.
Why we treat the 200ms after a tap as sacred stage time — and how our motion designers compose those moments to build trust without ever calling attention to themselves.
Our latest release brings adaptive practice plans, on-device mistake heatmaps and a fully redesigned score browser.
A walkthrough of how property-based testing let us catch three subtle bugs in our analytics layer that no human-written test would have surfaced.
CPRA, VCDPA, CPA, CTDPA, UCPA, TIPA — the new wave of state privacy laws, decoded for engineering teams shipping consumer apps in the United States.
A short essay on restraint. Where haptics help, where they annoy, and the one heuristic we use to decide if a tap should vibrate at all.
Renovation planning just got international. Our latest release brings multi-currency scenarios and locally curated tax profiles across 24 jurisdictions.
Four times a year. Long-form enough to be useful, short enough to read over coffee. No tracking pixels, no third-party analytics — we just email you when we have something worth saying.
We use your address only to send the digest. Unsubscribe with one click. See our Privacy Policy.