Vercel Workflow now encrypts all user data end-to-end without requiring any code changes. Workflow inputs, step arguments, return values, hook payloads, and stream data are automatically encrypted before being written to the event log. This makes it safe to pass sensitive data, such as API keys, tokens, or user credentials, across boundaries. The event log only ever stores ciphertext, while your step functions work exactly as before. Your workflow and step functions work exactly as before; all data flowing through the event log is encrypted automatically. Each Vercel deployment receives a unique encryption key. The key derivation and encryption stack works as follows: Each workflow run derives its own key via HKDF-SHA256 Data is encrypted with AES-256-GCM to ensure confidentiality and integrity Encrypted fields display as locked placeholders in the dashboard until decrypted You can access encrypted data through two methods: Web dashboard : Click the Decrypt button in the run detail panel.…