Colophon

Stack

Static HTML, CSS, and vanilla JavaScript on Cloudflare Pages with Functions and KV for the API, blog metadata, and admin content. No React, Vue, or client framework on public pages.

Typography

Inter (variable WOFF2) and Quicksand (variable TTF), self-hosted under /assets/fonts/ and declared in /styles/fonts.css — not loaded from Google Fonts or other CDNs.

Libraries (vendored)

Markdown, sanitization, syntax highlighting, and the admin editor load from /assets/vendor/ on this origin only (marked, DOMPurify, Prism, Quill). See MoCipher-SPEC.md for the file list.

Privacy & analytics

There is no third-party analytics or advertising stack on public pages — no Google Analytics, no Facebook pixel, no Cloudflare Web Analytics beacon in the browser. I do not optimize this site for “engagement” metrics at the cost of visitor privacy.

Operational data (e.g. HTTP logs) may be processed by the hosting provider as described in privacy.html.

Security

Strict Content-Security-Policy and related headers are defined in _headers at the repository root (summarized in the spec).

Open documentation

Authoritative detail: MoCipher-SPEC.md. Machine-oriented summary: /llms.txt.