Project dossier

Operational system for documenting online grooming cases

A Romanian civic initiative that systematically documents online grooming against minors. Cases arrive from the public (parents, victims, witnesses), pass through assessment, evidence custody and correlation of persons of interest across cases, then are escalated to the competent authorities. The evidence standard is at the level of a criminal investigation, within the legal regime governing sensitive content.

Justițiarul de Berceni, operational dashboard for investigators with case indicators, a 30-day trend and a case table
Client: Civic initiative, Romania
Sector: Child protection, OSINT, justice
Delivery year: 2026
Status: Private pilot

The same story, two registers.

For whoever pays for the project: plain language, no jargon

Two separate layers: a public site for reporting, with a three-step verification, plus an internal application where investigators manage the cases, correlate offenders across cases and prepare the material for a referral to the authorities. Every action leaves a trace, every access passes through two-factor authentication, and sensitive content never exists in clear on disk.

For whoever reviews it technically: concrete decisions, real versions

Public site as a Next.js 14 static export; internal application on Next.js 14 + NestJS 11 + PostgreSQL 16 (pg_trgm for fuzzy name matching). Argon2id on passwords, AES-256-GCM on the sensitive fields (IP, TOTP secrets), TOTP 2FA with progressive lockout. Evidence images pass through PDQ-WASM (an open-source perceptual hash) and optionally PhotoDNA, isolated on separate paths (quarantine / clean / flagged) with strict permissions, never stored in clear. SSE for live notifications, BullMQ for asynchronous jobs, an append-only audit log indexed by user and IP.

The same facts, two readings. The CEO reads the top register and knows what was delivered. The CTO reads the bottom one and knows how. No one is forced to translate in their head.

The process that existed before us.

Evidence came in through fragmented channels: a form, a screenshot, a message, a capture from social media. Without a single system, evidence got lost in email, persons of interest were not correlated across cases, and the question “who accessed which case, when, from what IP” had no reconstructable answer. CSAM content carries strict legal restrictions on storage and transport: it cannot exist in clear on any infrastructure.

The system built to measure.

Two separate layers. The public layer is a Next.js 14 static export for intake and awareness, with SMS verification, hCaptcha and explicit consent on each processing channel. The internal layer is Next.js 14 + NestJS 11 + PostgreSQL 16: investigators sign in through TOTP 2FA with progressive lockout, the sensitive fields (IP, passwords, TOTP secrets) are encrypted with AES-256-GCM, and passwords are hashed with Argon2id. Image evidence passes through PDQ-WASM and optionally the PhotoDNA API, isolated on separate paths (quarantine, clean, flagged) with strict permissions. A case runs through a controlled workflow (new → under review → active → reported → closed), live notifications travel over Server-Sent Events, and the public map uses Leaflet with aggregated data and no personal identifiers. The audit log is append-only and indexed by user, IP and timestamp. Background jobs (scan, alert, export) run on BullMQ over Redis.
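
Field-level AES-256-GCM encryption of the kind described above for values such as a stored IP or a TOTP secret, as an added example in TypeScript; it is not the project's own code. The envelope layout, the binding of each ciphertext to its table, column and row through the GCM associated data, and every name used are assumptions made for illustration.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";

// Hypothetical envelope (not from the project): version | 12-byte nonce | 16-byte tag | ciphertext
const VERSION = 1, NONCE_LEN = 12, TAG_LEN = 16;

// The associated data ties a ciphertext to one column of one row, so a value
// copied into another row or column fails authentication instead of decrypting.
function aad(table: string, column: string, rowId: string): Buffer {
  return Buffer.from(JSON.stringify([VERSION, table, column, rowId]), "utf8");
}

function encryptField(key: Buffer, table: string, column: string, rowId: string, plaintext: string): string {
  if (key.length !== 32) throw new Error("AES-256-GCM needs a 32-byte key");
  const nonce = randomBytes(NONCE_LEN); // fresh random nonce on every write
  const cipher = createCipheriv("aes-256-gcm", key, nonce);
  cipher.setAAD(aad(table, column, rowId));
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([Buffer.from([VERSION]), nonce, cipher.getAuthTag(), body]).toString("base64");
}

function decryptField(key: Buffer, table: string, column: string, rowId: string, stored: string): string {
  const raw = Buffer.from(stored, "base64");
  if (raw.length < 1 + NONCE_LEN + TAG_LEN || raw[0] !== VERSION) throw new Error("malformed envelope");
  const nonce = raw.subarray(1, 1 + NONCE_LEN);
  const tag = raw.subarray(1 + NONCE_LEN, 1 + NONCE_LEN + TAG_LEN);
  // authTagLength pins the tag size so a truncated tag is not accepted
  const decipher = createDecipheriv("aes-256-gcm", key, nonce, { authTagLength: TAG_LEN });
  decipher.setAAD(aad(table, column, rowId));
  decipher.setAuthTag(tag);
  // final() throws if the tag, the associated data or the ciphertext does not match
  const body = raw.subarray(1 + NONCE_LEN + TAG_LEN);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString("utf8");
}

// Helper for callers and tests: true when the given decryption is rejected.
function rejects(fn: () => string): boolean {
  try { fn(); return false; } catch { return true; }
}
```

A decryption failure should be written to the audit log without the plaintext or the key, in line with the logging policy that scrubs secrets.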

The stack, in production.

  1. Next.js 14 · React 18
  2. NestJS 11 · TypeORM
  3. PostgreSQL 16 · pg_trgm
  4. Redis 7 · BullMQ
  5. PDQ-WASM · PhotoDNA
  6. Argon2id · AES-256-GCM · TOTP
  7. Server-Sent Events · Leaflet
  8. Docker · Nginx

The measurable result.

The public layer is live on the initiative's domain; the operational layer is in private pilot with the investigation team. The internal threat model passes in full: no clear-text on content classified as sensitive, no access without 2FA, a complete audit trail on every action, DB migrations reversible in both directions. The suite includes more than 500 automated tests, and secrets are scrubbed from the logs by a logging policy.

  1. M.01 Automated test suite: 500+ (unit + integration)
  2. M.02 Checks at public intake: 3 (SMS, captcha, explicit consent)
  3. M.03 Sensitive-field encryption: AES-256-GCM + Argon2id on passwords

Technical notes and verifications.

  1. The source code and infrastructure belong to the client after handover. The scores, the stack and the metrics reflect the delivered state, not the current state of the project.

  2. The detailed technical documentation, the implementation logs and the test reports are archived in the internal Arcane Tech repository, available under a confidentiality agreement.
