1. Perhaps I am misusing the "blockchain" term. The access is granted with signed blocks. Each block can introduce some changes, like granting/removing access to other users, including the encryption key with an envelope. Each block links to the previous via hash. There is no consensus mechanism.

2. The vault is defined by a storage and the public keys of the creator. A client must know in advance the creator keys and he will use those keys to verify the signature. The creator then can grant admin rights to other users with specific blocks. An access grant not signed by an admin, will be rejected by a user. It is not really about data truth, because the target is more information exchange. Does it answer the question?

3. Go is the implementation language, not really a binding. I use Python in the first example because it is more compact. However the guide shows samples for all supported languages. The primary target is Go for server side and Dart for mobile. Python is effective for samples and experiments.

Applications on the public cloud raise strong concerns about data protection. As an architect, I spend a meaningful part of my time ensuring the security of customers’ data in the cloud.

Bao introduces an innovative approach where data remains on local devices while the cloud provides encrypted storage for synchronization and peer exchange. Because cloud providers cannot access the data, the need for due diligence is reduced.

Any feedback is welcome.

I will appreciate any feedback. Thank you!