Product Roadmap

What's Built.
What's Coming Next.

A transparent view of where TenzoShare has been, where it is today, and where it's heading. Updated as work progresses.

Phase 0 — Foundation Complete Phase 1 — MVP In Progress Phase 2 — Enterprise Planned Phase 3 — Scale Planned
0

Phase 0 — Foundation

The base layer everything else is built on.

check_circle Complete

Monorepo with Go workspaces, Docker Compose development environment, protobuf definitions for all service contracts, shared internal libraries (auth, crypto, database, storage, observability), and all architectural decisions documented. This phase established the foundation that all subsequent services are built on.

1

Phase 1 — MVP

Core file exchange platform — production-ready for self-hosted teams.

 In Progress

task_altDelivered

check_circle
User Authentication
Email/password (Argon2id), JWT (RS256), token revocation, account lockout
check_circle
Password Management
Self-service password change, reset by email
check_circle
API Key Management
Personal access tokens for CLI/programmatic access
check_circle
Resumable File Uploads
Tus protocol — 10 GB+ per file, chunked with pause/resume
check_circle
Encryption at Rest
AES-256-GCM; every file encrypted before it touches storage
check_circle
Secure File Transfers
Expiry dates, password protection, per-file download limits, revocation
check_circle
View-Only Transfers
Recipients view files without downloading (compliance mode)
check_circle
File Request Pages
Public upload dropbox — guests submit files without an account
check_circle
Public Download Pages
Recipients download via secure link without an account
check_circle
Immutable Audit Log
Append-only structured events; searchable by user, action, date, IP
check_circle
Role-Based Access Control
Admin / user / guest / auditor roles; enforced at the API layer
check_circle
Admin Panel
User management, quota controls, storage insights, system health, full transfer oversight
check_circle
Storage Management
Configurable file retention policies and automated purge scheduling
check_circle
Observability
Prometheus metrics + Grafana dashboards; Loki log search with per-request and per-user tracing
check_circle
Storage Quotas
Per-user storage quota enforcement at upload time
check_circle
White-Label Branding (Part 1)
Custom logo, colour palette

pendingStill Planned for Phase 1

radio_button_unchecked OpenAPI 3.1 documentation + in-app Swagger UI
radio_button_unchecked Date and timezone preferences (per-user and system default)
radio_button_unchecked Integration tests (Testcontainers) and E2E tests (Playwright)
radio_button_unchecked Bandwidth and timeout configuration for very large file transfers
radio_button_unchecked Two-factor authentication — TOTP (authenticator apps)
radio_button_unchecked SMTP integration with email notifications
2

Phase 2 — Enterprise

Identity integration, high-availability, and enterprise compliance tooling.

Planned
manage_accounts
OIDC Single Sign-On
Microsoft Entra ID, Google Workspace, Okta, Keycloak, Authentik
security_key
Hardware MFA
WebAuthn / FIDO2 security keys (YubiKey, passkeys)
sync
SCIM 2.0 Provisioning
Automated user sync from your identity provider
bug_report
Antivirus Scanning
ClamAV as an optional sidecar — quarantine infected uploads before delivery
webhook
Webhooks
HMAC-signed event delivery with retry — transfer.created, transfer.downloaded, and more
palette
White-Label Branding (Full)
Email templates, custom domain
cloud_upload
Kubernetes
Helm charts for production-grade cluster deployments
hub
Docker Swarm
Multi-node Swarm configs for HA without Kubernetes
monitoring
Distributed Tracing
OpenTelemetry + Grafana Tempo
admin_panel_settings
Custom Roles
Fine-grained permission sets beyond the built-in RBAC tiers
speed
Bandwidth Controls
Per-user and system-wide upload/download throttling
fact_check
Advanced Audit
Scheduled compliance exports (CSV/JSON/PDF), WORM storage options
3

Phase 3 — Scale

Multi-tenancy, federation, SDK ecosystem, and enterprise compliance packs.

Planned
corporate_fare
SAML 2.0
Enterprise federation with any SAML IdP
account_tree
LDAP / Active Directory
Directory-based authentication and user sync
domain
Multi-Tenancy
Isolated organisations within a single deployment
terminal
CLI Client
Command-line tool for scripted transfers and administration
extension
Plugin System
Extension points for custom integrations and workflows
crisis_alert
SIEM Integrations
Wazuh, Graylog, Splunk, OpenTelemetry Collector
rocket_launch
One-Click Deployments
AWS, Azure, and DigitalOcean marketplace images
verified_user
Compliance Packs
SOC 2 Type II, HIPAA, NIS2 tooling and documentation
cleaning_services
Metadata Scrubbing
Optional EXIF and document metadata stripping on upload
bar_chart
Advanced Analytics
Transfer activity heatmaps, per-user trends, storage forecasting

Want to influence the roadmap?

Open a discussion on GitHub or reach out — your use case might shape what gets built next.

forumGitHub Discussions mailContact Us