GuardianDB has just released version 0.17.1, with its main highlight being read replication backed by a robust cryptographic guarantee. This feature was designed for topologies that require a small number of write nodes and multiple read nodes, making it perfectly suited for scenarios such as backup applications. The core premise is that a node designated as a reader can read and replicate the database but is absolutely incapable of modifying it, even if the machine is compromised and the software is tampered with.
This security is not based on simple software checks, but on a real cryptographic limitation embedded in the underlying iroh-docs model. During the connection process, read nodes receive only the public key of the namespace, while the write secret is shared exclusively with explicitly authorized peers. Without this secret, it is impossible for a reader to forge or sign entries that other nodes in the network would accept, eliminating the risk of insertion, deletion, or corruption of data at the source. The system also includes additional layers of defense, immediately blocking and failing any local attempt to write to a database configured as read-only.
Despite the high level of security, it is important to understand how access revocation works. Because the write secret is symmetric and permanently held by those who receive it, revoking a compromised write node requires a namespace rotation. This security procedure involves creating an entirely new database, migrating the current state, and redistributing new access only to nodes that remain trusted, abandoning the old namespace. On the other hand, revoking read nodes is a trivial and immediate process, requiring only that the issuance of new access tickets to them be stopped.
See more on READ_ONLY_REPLICATION and NAMESPACE_ROTATION