Case study
Security Design White Paper Platform
An independently built publishing pipeline that produces the official 1Password Security Design White Paper. It's a living document that ships like software.
The problem
A security white paper for a company like 1Password can't be a static PDF that lives in a drawer. It needs to be versioned, auditable, searchable, multi-format (HTML and PDF), and maintainable without a publishing team. The existing document (and its related processes) didn't meet that bar, so I built a new one.
What I built
An end-to-end publishing pipeline, independently designed and implemented:
- 01 Source layer: R + RMarkdown for structured, version-controlled authoring. Every chapter is a plain-text file that's diffable, reviewable, and editable without proprietary tooling.
- 02 Typesetting: Bookdown orchestrates multi-chapter output; LaTeX handles mathematical notation for cryptographic formulas (SRP protocol math, key derivation proofs) via MathJax.
- 03 Output formats: A single source produces a multi-page HTML site with in-document search (Fuse.js) and an interactive glossary, and a downloadable PDF.
- 04 CI/CD: Secured GitHub Actions help automate the build and deployment. No manual export or upload is required to publish updates.
- 05 Hosting + URL: Deployed to GitHub Pages under the AgileBits org with a clean, short canonical URL via the company's domain.
The result
An interactive public document that covers AES-256-GCM vault encryption, two-secret key derivation, SRP-based authentication, Secrets Automation with JWT bearer tokens, and a candid limitations section. The cryptographic architecture is studied by security researchers, technical decision makers, and users who want to audit 1Password's claims rather than take them on faith.