SYSTEM DESIGN

Built for the age of AI agents

Edge-first. Event-sourced. Content-addressed. Every layer designed so humans and AI agents collaborate on files through one unified API.

System Overview
Client, edge, storage
Every request follows the same path. Any client - browser, AI agent, CLI - hits the nearest edge node for auth and routing. The edge reads and writes to two storage layers: a metadata index and a content-addressed blob store.
CLIENTS
Browser
Human
Claude
AI agent
ChatGPT
AI agent
CLI / API
Any HTTP client
HTTPS / MCP
GLOBAL EDGE NETWORK
US East
EU West
AP South
AP East
SA East
Auth · Routing · Rate limiting · Presigned URLs · MCP dispatch
Read / Write
STORAGE
Global consistency
Meta Pane
File index, event log, sessions, blob references, tx counters
fileseventsblobssessions
Geo-distributed
Object Storage
S3-compatible blob store, content-addressed by SHA-256
SHA-256presigned URLszero egress
Meta Pane
Paths and content live apart
File identity is decoupled from file content. A path points to a content hash, like how a filename points to an inode. This makes moves, renames, and dedup instant.
files
pathaddrsizetx
report.pdfa1b2c3d4...200 KB1
data/config.jsond4e5f6a7...512 B2
backup/report.pdfa1b2c3d4...200 KB6
blobs
addrref_count
a1b2c3d4...2
d4e5f6a7...1
Move / Rename O(1)
Update the path column. The blob stays in place. Zero bytes copied, zero storage operations. Instant regardless of file size.
Deduplication automatic
Two files with identical content share one blob. The addr column matches, ref_count increments. No extra storage consumed.
Delete ref counted
Remove the file entry, decrement ref_count. The blob is only garbage-collected when no files reference it anymore.
Integrity built in
The content hash IS the address. If the data doesn't match the hash, corruption is self-evident. No separate checksums needed.
Request Lifecycle
Zero data through the API
Clients compute SHA-256 locally, then upload directly to the content-addressed location via presigned URLs. Downloads redirect to presigned URLs. File bytes never touch the edge worker.
01
Compute hash & initiate
Client computes SHA-256 of the file locally, then sends path, content type, and hash. Edge checks if the blob already exists (instant dedup). If not, generates a presigned PUT URL to the content-addressed location.
POST /files/uploads {path: "report.pdf", content_hash: "a1b2c3..."}
dedup check
02
Direct upload to content-addressed location
Client PUTs file bytes directly to the presigned URL. The blob lands at its final content-addressed path. No data flows through the API server.
PUT {presigned_url} blobs/{actor}/a1/b2/a1b2c3...
direct to storage
03
Confirm & index
Client confirms completion. Edge verifies the blob exists at the content-addressed location via HEAD (no data pull), then writes the file entry + event to the Meta Pane and updates blob ref count.
POST /files/uploads/complete {path: "report.pdf"}
fast
01
Request file
Client requests a file by path. Edge validates auth, looks up the file in the Meta Pane.
GET /files/report.pdf -H "Authorization: Bearer $TOKEN"
fast
02
Presigned redirect
Edge generates a time-limited presigned GET URL and returns a 302 redirect. The client follows it automatically.
302 Location: https://storage.../blobs/alice/a1/b2/a1b2c3...
direct from storage
01
AI calls storage_write
Claude, ChatGPT, or any MCP client invokes the storage_write tool with path and content.
tool: storage_write {path: "notes/summary.md", content: "..."}
MCP protocol
02
MCP server handles internally
The MCP server uses the same storage engine as REST. It uploads the blob, writes the file entry, and records the event in one step.
engine.put(actor, "notes/summary.md", blob)
single round-trip
03
Result returned to AI
The tool returns success with a transaction number (tx). The AI can immediately read the file back or share it.
result: {tx: 42, path: "notes/summary.md", size: 1847}
immediately visible
Multipart Upload
Large files, same zero-proxy guarantee
Files too large for a single PUT are split into parts. Each part uploads directly to object storage. The edge never touches the file bytes.
01
Compute hash & initiate
Client computes SHA-256 of the complete file, then requests a multipart upload. Edge creates the upload at the content-addressed location and returns presigned URLs for each part.
POST /files/uploads/multipart {path: "dataset.parquet", part_count: 5, content_hash: "a1b2c3..."}
up to 10,000 parts
02
Upload parts directly
Client PUTs each part directly to its presigned URL. Parts upload in parallel to object storage. No data flows through the API server.
PUT {part_url_1} --data-binary @part1 PUT {part_url_2} --data-binary @part2 (parallel)
direct to storage
03
Complete & index
Client sends part ETags to finalize assembly. Edge verifies the assembled blob via HEAD (no data pull), then records file entry + event in the Meta Pane.
POST /files/uploads/multipart/complete {parts: [{part_number: 1, etag: "..."}, ...]}
metadata only
Range Read
Download any byte range
Downloads redirect to presigned object storage URLs, which natively support HTTP Range headers. Partial downloads never touch the edge worker.
01
Request file
Client requests a file by path. Edge validates auth, looks up metadata, and returns a 302 redirect to a presigned object storage URL.
GET /files/report.pdf → 302 Location: {presigned_url}
redirect
02
Range request to storage
Client follows the redirect and sends a standard HTTP Range header directly to object storage. The storage layer handles partial content natively, returning HTTP 206.
GET {presigned_url} -H "Range: bytes=0-1023" → 206 Partial Content
direct from storage
Resume downloads
Interrupted transfers can resume from the last byte received.
Stream sections
Read specific byte ranges without downloading the entire file.
Zero worker load
All byte serving happens at the storage layer, not the edge worker.
Standard HTTP
Uses standard Range headers. Works with any HTTP client.
Content Addressing
Same content, one blob
Files are stored by their SHA-256 hash. Upload the same file twice, only one copy is stored. Rename a file, zero bytes copied.
FILE PATH
BLOB ADDRESS
report.pdf
blobs/alice/a1/b2/a1b2c3d4e5f6789...
data/config.json
blobs/alice/d4/e5/d4e5f6a7b8c90ab...
backup/report.pdf
blobs/alice/a1/b2/a1b2c3d4e5f6789...
Automatic dedup
Same content = same blob. Always.
Free integrity
The hash IS the identifier. Corruption is self-evident.
Zero-cost move
Only the Meta Pane path changes. No blob copies.
Collision risk ~2-128
Effectively zero. Would take 1021 years at 10B files/sec.
Event Architecture
Every mutation is an event
Not just logging. The event log is the primary source of truth for what happened, when, and by whom. Every version, every action, fully replayable.
TX
ACTION
PATH
ADDR
TIME
1
put
readme.md
a1b2c3d4...
09:14:22
2
put
data/config.json
d4e5f6a7...
09:14:23
3
move
docs/readme.md
a1b2c3d4...
09:15:01
4
delete
old/draft.txt
-
09:15:44
5
put
data/config.json
f7g8h9i0...
09:16:12
Smart Versioning
Every write to the same path creates a new event with a new content hash. Previous versions remain in the log. Reconstruct the full history of any file by reading its events.
Replayable
Start from tx 0, apply events in order, and reconstruct the complete state of any actor's storage at any point in time. Perfect for disaster recovery and debugging.
Auditable
Every event records who did what, when. No action goes untracked. For AI agents operating autonomously, this provides complete accountability and traceability.
Realtime Change Tracking
Agents poll for events since their last known transaction number. No need to list all files and diff. Just ask "what changed since tx 42?" and get exactly the new events.
APPEND-ONLY
Immutable log
Events are never updated or deleted. Full history preserved.
MONOTONIC
Dense sequence
Transaction numbers have no gaps. Ordered by insertion time.
PER-ACTOR
Isolated counters
Each actor has its own tx sequence. No cross-actor contention.
VERSIONED
Every write tracked
Multiple puts to the same path create a version chain in the log.
Dual Identity Model
Humans and agents are equals
Both authenticate differently but get the same API surface. No "service accounts" or "bot modes", just actors.
Human
Magic link authentication
1Enter email address
2Click magic link in inbox
3Session cookie set automatically
4Use browser, API, or CLI
AI Agent
Ed25519 challenge-response
1Register public key via /auth/register
2Request challenge nonce via /auth/challenge
3Sign nonce with private key
4Exchange signature for bearer token
Same API, same capabilities
CAPABILITY
HUMAN
AGENT
Upload files
Yes
Yes
Download files
Yes
Yes
Share files
Yes
Yes
Search files
Yes
Yes
Connect via MCP
Yes
Yes
Edge-First
Global by default
No origin server. No single region. The entire application runs at the edge, distributed across every continent. Your request never crosses the world to reach a data center.
GLOBAL EDGE NETWORK
North America
South America
Europe
Africa
Asia
Oceania
Every request served
from the nearest node
HOW A REQUEST TRAVELS
Your client
Any location
nearest edge
Edge node
Auth + Meta Pane + Presign
presigned URL
Object store
Direct transfer
Traditional (single origin)
All requests route to one region
File bytes proxy through the API
Cold starts from container spin-up
Latency scales with distance to origin
Storage (global edge)
Requests hit the nearest edge node
Direct transfers via presigned URLs
Near-instant cold starts at the edge
Consistent performance everywhere
For AI agents
Agents in cloud functions have their own cold starts. Adding network round-trips to a distant origin makes tool calls slow. Edge keeps the API fast wherever the agent runs.
For humans
The web dashboard, file browser, and share links all load from the nearest edge. No matter where your team is located, the experience is the same.
For collaboration
When a human in Tokyo and an agent in Virginia share the same storage, both get fast responses. No single region becomes a bottleneck for the team.
MCP Integration
AI-native, not AI-bolted
MCP tools map directly to storage operations. Same engine as REST. A file uploaded via API is instantly visible to Claude or ChatGPT.
AI Client
Claude, ChatGPT, custom
MCP Server
OAuth + 8 tools
Storage Engine
Meta Pane + Object Store
MCP TOOL
REST EQUIVALENT
DESCRIPTION
storage_read
GET /files/{path}
Read file contents
storage_write
POST /files/uploads
Write or overwrite a file
storage_list
GET /files?prefix=
List files in a folder
storage_search
GET /files/search
Search files by name
storage_share
POST /files/share
Create a temporary public link
storage_move
POST /files/move
Move or rename a file
storage_delete
DELETE /files/{path}
Delete a file
storage_stats
GET /files/stats
Get storage usage
Why AI Agents Love This
Designed for autonomous operation
Every architectural decision was made with AI agents in mind, not as an afterthought but as a primary use case.
01
No SDK required
Plain HTTP with JSON. Any agent runtime can call Storage with zero dependencies.
02
Deterministic responses
Consistent JSON schemas documented via OpenAPI. No HTML parsing, no brittle scraping.
03
MCP native
8 tools map directly to storage operations. Connect once, then read, write, search, and share from any MCP-compatible AI.
04
Incremental sync
Event sourcing means agents poll for changes since their last known tx. No full directory scans required.
05
Automatic deduplication
Content addressing means agents don't waste storage re-uploading the same file. SHA-256 handles it.
06
Edge-fast responses
Fast enough for tool calls inside LLM inference loops. Edge runtime eliminates round-trips to a distant origin.
07
First-class identity
Agents are actors, not hacks on user accounts. Ed25519 key auth designed for programmatic access from day one.
08
Scoped permissions
API keys with path-prefix restrictions. Give an agent access to data/ but not secrets/. 90-day TTL auto-rotation.
09
Full audit trail
Every agent action is logged with actor, resource, and timestamp. Debug agent behavior with complete history.
10
Zero egress fees
Agents can read files as often as they need without cost anxiety. No bandwidth metering, ever.
Technology Stack
Chosen for simplicity
Every component is the simplest technology that solves the problem well. No over-engineering.
COMPUTE
Edge Workers
Distributed globally across every continent. Near-instant cold starts. No containers, no VMs, no orchestration.
API SPEC
OpenAPI 3.1
Auto-generated API documentation from route definitions. Every endpoint typed, validated, and documented.
METADATA
Meta Pane
Fast reads, strong consistency, zero configuration. Stores file index, events, sessions, and blob references.
STORAGE
Object Store
S3-compatible, globally distributed, zero egress fees. Content-addressed blobs with presigned URL access.
AUTH
Ed25519 + Magic Links
Public-key challenge-response for agents. Email magic links for humans. No passwords to manage or leak.
PROTOCOL
REST + MCP
Plain HTTP for universal access. Model Context Protocol for AI-native integration. Same engine, two interfaces.
VALIDATION
Schema Validation
Runtime type safety for all request and response schemas. Invalid inputs rejected before reaching business logic.
SECURITY
OAuth 2.0 + PKCE
Standard flow for third-party apps and MCP clients. Dynamic client registration. Scoped API keys with TTL.
OBSERVABILITY
Audit Logging
Every action logged with actor, resource, and timestamp. Event-sourced transaction log doubles as audit trail.
Start building today
Free plan. No credit card. Agents welcome.
Developer Guide API Reference CLI Docs
# Storage Architecture Purpose-built for AI agents and humans to collaborate on files. Storage is an edge-first file storage platform. Every design decision, from content addressing to event sourcing to the dual identity model, serves both human users and AI agents through one unified API. ## System Overview
Client (Human or Agent) │ │ HTTPS ▼ ┌─────────────────────────────────────────────┐ │ Edge Runtime │ │ ┌────────┐ ┌──────────┐ ┌─────────────┐ │ │ │ Auth │ │ Router │ │ MCP Server │ │ │ │ Layer │ │ │ │ (Tools) │ │ │ └────────┘ └──────────┘ └─────────────┘ │ └──────────────────┬──────────────────────────┘ │ ┌──────────┴──────────┐ ▼ ▼ ┌───────────────┐ ┌───────────────┐ │ Meta Pane │ │ Object Storage│ │ │ │ (Blobs) │ │ files (inode)│ │ │ │ events │ │ blobs/ │ │ blobs (ref) │ │ {actor}/ │ │ sessions │ │ {aa}/{bb}/ │ │ tx_counter │ │ {hash} │ └───────────────┘ └───────────────┘
### Layers
LayerTechnologyRole
Edge RuntimeGlobal edge workersRequest handling, auth, routing, MCP
Meta PaneStructured metadata storeFile index, events, sessions, blob refs
Blob StoreS3-compatible Object StorageFile content, content-addressed by SHA-256
ProtocolREST + MCPUnified access for humans and AI agents
## Meta Pane The Meta Pane stores all structured data: file entries, events, sessions, blob references, and transaction counters. It separates file identity from file content, similar to how UNIX inodes separate a filename from disk blocks. ### Data Model
files table ┌──────┬──────────────────┬──────────────┬──────────┬───────┐ │ id │ path │ addr (hash) │ size │ tx │ ├──────┼──────────────────┼──────────────┼──────────┼───────┤ │ 1 │ report.pdf │ a1b2c3d4... │ 204800 │ 1 │ │ 2 │ data/config.json │ d4e5f6a7... │ 512 │ 2 │ │ 3 │ backup/report.pdf│ a1b2c3d4... │ 204800 │ 6 │ └──────┴──────────────────┴──────────────┴──────────┴───────┘ blobs table (ref counting) ┌──────────────┬───────────┐ │ addr (hash) │ ref_count │ ├──────────────┼───────────┤ │ a1b2c3d4... │ 2 │ ← two files, one blob │ d4e5f6a7... │ 1 │ └──────────────┴───────────┘
### Why This Enables Fast Operations - Move / Rename: Update the path column. Zero blob copies. O(1). - Deduplication: Same addr means same blob. Upload once, reference many times. - Delete: Decrement ref_count. Only delete the blob when it reaches zero. - Integrity: The hash IS the address. Corruption is self-evident. ## Request Lifecycle ### Upload Flow
1. Client computes SHA-256 of file locally 2. Client ──POST /files/uploads {content_hash}──> Edge (auth + dedup check) └── If blob exists: instant dedup, skip upload, return immediately 3. Edge ──returns presigned URL to content-addressed location──> Client 4. Client ──PUT bytes──> Object Storage (direct, to blobs/{actor}/{hash}) 5. Client ──POST /files/uploads/complete──> Edge (HEAD verify + index)
- Client-side SHA-256 enables instant deduplication before upload - File bytes upload directly to the content-addressed blob location - On confirm, edge verifies via HEAD (no data pull), then records metadata - Zero file data flows through the edge worker ### Multipart Upload
1. Client computes SHA-256 of complete file locally 2. Client ──POST /files/uploads/multipart {content_hash, part_count}──> Edge 3. Edge ──returns presigned URLs for each part──> Client 4. Client ──PUT parts in parallel──> Object Storage (direct) 5. Client ──POST /files/uploads/multipart/complete {parts}──> Edge (HEAD verify + index)
- Up to 10,000 parts per upload - Parts upload in parallel directly to object storage - Same zero-proxy guarantee as single uploads - Same client-side SHA-256 dedup check ### Download Flow
1. Client ──GET /files/{path}──> Edge (auth + lookup) 2. Edge ──302 redirect──> Presigned Object Storage URL 3. Client ──GET──> Object Storage (direct download)
- Zero bandwidth through API server - No egress fees from Object Storage ### Range Read Downloads redirect to presigned object storage URLs, which natively support HTTP Range headers. Partial downloads never touch the edge worker.
1. Client ──GET /files/{path}──> Edge (302 redirect to presigned URL) 2. Client ──GET {presigned_url} -H "Range: bytes=0-1023"──> Object Storage (206 Partial)
- Resume interrupted downloads from last byte - Read specific byte ranges without downloading the full file - All byte serving happens at the storage layer ## Content Addressing Every file is stored by the SHA-256 hash of its content:
Path: blobs/{actor}/{hash[0:2]}/{hash[2:4]}/{hash} Example: blobs/alice/a1/b2/a1b2c3d4e5f67890...
### Properties - Automatic deduplication: same content = same blob, always - Free integrity verification: the hash IS the identifier - Zero-cost rename and move: only the Meta Pane path changes - Collision risk ~2^-128: effectively zero Upload the same file twice, one blob stored. Rename a file, zero bytes copied. ## Event Architecture Every mutation in the system produces an immutable event. This is not just logging. It is the primary source of truth for what happened, when, and by whom. ### Event Log
┌─────┬────────┬──────────────┬──────────────┬───────────┐ │ tx │ action │ path │ addr │ timestamp │ ├─────┼────────┼──────────────┼──────────────┼───────────┤ │ 1 │ put │ readme.md │ a1b2c3... │ 1711065600│ │ 2 │ put │ data/cfg.json│ d4e5f6... │ 1711065601│ │ 3 │ move │ readme.md │ a1b2c3... │ 1711065602│ │ 4 │ delete │ old/file.txt │ (null) │ 1711065603│ │ 5 │ put │ data/cfg.json│ f7g8h9... │ 1711065604│ └─────┴────────┴──────────────┴──────────────┴───────────┘
### Properties - Append-only: events are never updated or deleted (until GC compaction) - Per-actor isolation: each actor has its own transaction counter - Dense sequence: tx numbers have no gaps, ordered by insertion time - Monotonic: tx counter never resets ### Smart Versioning Every put to the same path creates a new event with a new addr. The previous version is still in the event log. You can reconstruct the full history of any file by reading events for that path. ### Replayable Given the event log, you can reconstruct the complete state of any actor's storage at any point in time. Start from tx 0, apply events in order, and you get the exact file tree. ### Auditable Every event records who did what, when. No action goes untracked. For AI agents operating autonomously, this provides complete accountability. ### Realtime Change Tracking Agents can poll for events since their last known tx number. No need to list all files and diff. Just ask "what changed since tx 42?" and get exactly the new events. ### Why This Matters for AI Agents - Incremental sync without full directory scans - No race conditions between concurrent agent operations - Full audit trail of every action an agent took - Deterministic replay for debugging agent behavior - Version history for every file, built in ## Dual Identity Model Storage treats humans and AI agents as equal participants. Both are "actors" with the same API surface and permissions model. ### Human Authentication
1. Request magic link via email 2. Click link to activate session 3. Session cookie set automatically 4. Use browser, API, or CLI
### Agent Authentication
1. Register Ed25519 public key 2. POST /auth/challenge to receive nonce 3. Sign nonce with private key 4. POST /auth/verify to get bearer token
### Same API, Different Auth
CapabilityHumanAgent
Upload filesYesYes
Download filesYesYes
Share filesYesYes
Search filesYesYes
Connect via MCPYesYes
No special "service account" or "bot mode". An agent is just another actor. ## Edge-First Design The entire application runs at the edge, as close to the client as possible. No origin server. No single region. V8 isolates distributed across every continent. ### How a Request Travels
Your client ──nearest edge──> Edge node ──presigned URL──> Object store (any location) (Auth + Meta Pane + Presign) (Direct transfer)
### Traditional vs Edge
Traditional (single origin)Storage (global edge)
All requests route to one regionRequests hit the nearest edge node
File bytes proxy through the APIDirect transfers via presigned URLs
Cold starts from container spin-upNear-instant cold starts
Latency scales with distance to originConsistent performance everywhere
### Why Edge Matters - For AI agents: Agents in cloud functions have their own cold starts. Adding network round-trips to a distant origin makes tool calls slow. Edge keeps the API fast wherever the agent runs. - For humans: The web dashboard, file browser, and share links all load from the nearest edge. No matter where your team is located, the experience is the same. - For collaboration: When a human in Tokyo and an agent in Virginia share the same storage, both get fast responses. No single region becomes a bottleneck for the team. ## MCP: Native AI Integration Storage implements the Model Context Protocol as a first-class interface, not an adapter bolted on top. ### Tools
ToolMaps toDescription
storage_readGET /files/{path}Read file contents
storage_writePOST /files/uploads + confirmWrite or overwrite a file
storage_listGET /files?prefix=List files in a folder
storage_searchGET /files/search?q=Search files by name
storage_sharePOST /files/shareCreate a temporary public link
storage_movePOST /files/moveMove or rename a file
storage_deleteDELETE /files/{path}Delete a file
storage_statsGET /files/statsGet storage usage
### MCP Architecture
AI Client (Claude, ChatGPT, custom) │ │ MCP Protocol (SSE transport) ▼ ┌─────────────────────────────────┐ │ MCP Server │ │ ┌──────────┐ ┌─────────────┐ │ │ │ OAuth │ │ Tool │ │ │ │ Auth │ │ Handlers │ │ │ └──────────┘ └──────────────┘│ └────────────────┬────────────────┘ │ Same storage engine ▼ ┌─────────────┐ │ Storage │ │ Engine │ └─────────────┘
MCP tools and REST API share the same storage engine. A file uploaded via REST is immediately visible via MCP, and vice versa. ## Technology Stack
ComponentTechnologyWhy
RuntimeEdge WorkersNear-instant cold start, global distribution
API SpecOpenAPI 3.1Auto-generated docs from route definitions
Meta PaneStructured metadata storeFast reads, strong consistency, zero config
Blob StorageS3-compatible Object StoreDurable, zero egress fees, presigned URLs
AuthEd25519 + Magic LinksNo passwords, no shared secrets
API KeysScoped, prefixed (sk_*)Path restrictions, 90-day TTL
ProtocolREST + MCPUniversal access, AI-native
ValidationSchema validationRuntime type safety, request validation
SecurityOAuth 2.0 + PKCEStandard flow for third-party apps and MCP
## Why This Architecture Suits AI Agents 1. No SDK required: plain HTTP. Any agent runtime can call it. 2. Deterministic responses: JSON with consistent schemas documented via OpenAPI. No HTML parsing. 3. MCP native: tools map directly to storage operations. 4. Event sourcing: agents can sync incrementally, not poll everything. 5. Content addressing: deduplication means agents don't waste storage re-uploading. 6. Edge-first: fast enough for tool calls inside LLM inference loops. Near-instant cold starts. 7. Dual identity: agents are first-class actors, not hacks on top of user accounts. 8. Scoped keys: agents get exactly the permissions they need, nothing more. 9. Audit trail: every agent action is logged and traceable. 10. Zero egress: agents can read files as often as they need without cost anxiety. ## Links - Developer Guide - API Reference - CLI Documentation - Pricing