Melotte Consulting
← Back to work

Case study

Obsidian Pulse — Tape audit trail and recovery

A multi-tenant SaaS tool providing audit trail, rollback, and deleted record recovery for Tape organisations.

Product development real-time audit trail one-action rollback two-stage delete recovery

Delivery stack

  • Astro
  • Cloudflare Workers
  • Cloudflare D1
  • Cloudflare KV
  • Cloudflare Workflows
  • Tape API

Challenge

Tape organisations running real business data had no way to audit who changed what, roll back field updates in bulk, or recover deleted records once Tape's own window had passed.

Outcome

A purpose-built tool that captures every Tape event via webhooks, surfaces field-level diffs from Tape's revision API, and provides one-action rollback and two-stage deleted record recovery.

Tape is a strong foundation for business data, but it has limited native tooling for audit and recovery. Obsidian Pulse was built to close that gap.

What was built

A multi-tenant SSR application where each Tape organisation gets an isolated audit trail, a webhook-driven event log, and a recovery interface.

Key capabilities:

  • Webhook provisioning — webhooks are set up per app automatically during onboarding using the Tape API, with retry logic handled via Cloudflare Workflows
  • Event capture — every Tape create, update, and delete arrives in real time and is stored with its raw payload; nothing is computed or derived at write time
  • Field-level diffs — pulled live from Tape’s revision API when an event is opened, ensuring the diff always reflects Tape’s source of truth
  • Rollback — applies previous field values back to the Tape record via API in one action, with calculated and read-only fields automatically excluded
  • Delete recovery — two-stage: attempts native Tape recovery first, falls back to an AES-GCM encrypted point-in-time snapshot if Tape’s window has passed

Technical approach

The application runs entirely on Cloudflare’s edge — Workers for compute, D1 for relational storage, KV for sessions, and Workflows for reliable webhook provisioning with retry and backoff.

Organisation data is strictly isolated by organisation ID at the query level. Sensitive data (API keys, deleted record payloads) is encrypted at rest. Sessions use short-lived tokens with no persistent login state.

Field-level diffs are intentionally not stored — they are fetched from Tape’s revision API on demand. This keeps the data model simple and avoids any risk of computed diffs going stale relative to Tape’s own records.

Current status

Live and in invite-only onboarding. More at obsidian-pulse.jmc.tools.

Delivery highlights

  • Built as a multi-tenant SaaS from the ground up — each organisation gets a fully isolated audit trail.
  • Event capture is webhook-driven and real-time, not a periodic sync that creates lag.
  • Field-level diffs are surfaced from Tape's revision API rather than just logging the raw event payload.

Need a similar delivery shape?

If the friction sounds familiar, start with the workflow, reporting gap, migration, or client-facing surface that already feels harder to trust than it should. That is usually enough to shape the first useful scope.

Start with a Technical Review Review services