PROCESS

Listing → secure intake → dashboard review

Trades Backer is a ground-up intake + review system built specifically for skilled construction hiring. It stays intentionally lightweight—static listings, client-side encryption, and simple file-based storage—so you’re not buying into a generic “global” platform with never-ending updates and unnecessary features. Every job has one canonical apply link you can share anywhere (including your own website). Staff provisions and tests each employer’s project + keys before it goes live. Communication is kept minimal: applicants get an on-screen confirmation; employers review in the dashboard when ready; staff only reaches out when it’s necessary.

The workflow was shaped by people familiar with apprenticeship and workforce-side hiring friction: having to create a new set of questions for each posting site, maintaining separate forms on employer websites, worrying that updates could break intake, and trying to determine which sources were actually sending the strongest applicants. The result is a process meant to be practical: one reliable link, one secure intake path, and one review flow that does not bury the hiring team in settings.

Client-side encryption (browser → ciphertext)

A simplified view of what happens when an applicant or employer submits a form.

User fills the form

Answers + uploads are prepared locally.

Browser encrypts payload

Using the listing's public key (WebCrypto).

Server stores ciphertext

Encrypted blob + sealed key + minimal routing metadata.

Employer decrypts locally

Private key stays on employer device (dashboard).

This is why Trades Backer can operate without holding plaintext applicant submissions on the server.

Listings are vetted and manually published

Trades Backer uses a “staff-verified listing” model. Listings are not auto-published by public submissions.

Employer request (encrypted to staff)

Request form routes into the Staff Portal inbox.

Staff verification

Confirm org, position, posting copy, and project bucket.

Manual publish to Jobs

Listing appears under Jobs with one canonical URL.

Reduces spam / scams (no self-serve posting).
Helps keep job links consistent and trustworthy.
Improves applicant confidence (clear ownership and contact path).

1) Employer listing request (encrypted)

Employers submit a listing request using the standard request form. The request is encrypted in-browser to the staff key and routed into the Staff Portal “Listing requests” inbox.

Staff triage: confirm position, location, pay notes, and posting copy
Staff assigns a projectId (listing bucket) for that employer
Staff generates an employer keypair (public key for applicants, private key for the employer dashboard)
Staff tests the apply flow + dashboard access before handing it over

2) Job goes live (one URL)

Once published, the listing appears under Jobs. The employer shares one canonical URL across platforms: social posts, websites, dispatch boards, training centers, and job boards. For public roles, that URL should be the exact single-job detail page so applicants and search engines land on the same opening everywhere.

Consistent intake across every source
Easy to link from your website (no embedding required)
Public single-job pages can be crawled and indexed; private recurring roles can stay unlisted
Applicants upload attachments (certs, resumes, etc.)
Applicants avoid emailing sensitive documents around

3) Applicant submission (encrypted)

Applicants complete the application form for the listing. The full payload (answers and uploads) is encrypted in the browser to the employer's public key and submitted as ciphertext. The server stores the sealed key + encrypted blob and only non-identifying manifest-safe summary fields for sorting and filtering.

Server cannot decrypt applicant payloads
Only the employer with the matching private key can decrypt
Uploads are included inside the encrypted payload

4) Employer Dashboard (decrypt, organize, export)

Employers open the dashboard link and load their private key locally. The dashboard decrypts submissions in the browser, enabling review notes, workflow status, filters, and export. It’s built for trusted field personnel using tablets—touch-friendly, fast, and installable as a PWA for an app-like dashboard experience.

Local-only decryption
Organize candidates in one place (tablet-first PWA)
Export CSV for internal HR, dispatch, or onboarding systems

What applicants should expect

The form will confirm when your encrypted application is received.
Your information is reviewed by the employer/organization for that listing after they decrypt it in their dashboard.
Do not include high-risk identifiers (for example, SSNs). Those belong in later, employer-controlled onboarding steps.

Contact messages

General messages use the Contact form and are encrypted in-browser to the staff key. Staff reviews these in the Staff Portal “Messages” inbox and responds based on the topic.