~/michael-cheers $
$ whoami

Michael Cheers

Software Developer & Problem Solver

$ cat skills.txt
.NET Core Digital Security Enterprise Systems X.509 PKI
$ ls -la projects/
digital-stamp-platform/ 200+ docs/day
dateformat-generator/ #1 Google
movingpapa-website/ 3 weeks
$ ./explore_work.sh _

About Me

I'm a software developer with a passion for building secure, enterprise-level applications. My experience spans from digital security systems to full-stack web development, with a focus on creating solutions that are both technically robust and user-friendly.

I enjoy tackling complex problems, especially those involving security, compliance, and scalable architecture. My goal is always to deliver software that not only meets requirements but exceeds expectations in terms of performance and reliability.

Featured Projects

Digital Stamp System for Professional Associations

STIBC Digital Stamp System Interface

STIBC System (Launched September 2022)

ATIO Digital Stamp System Interface

ATIO System (Launched November 2025)

2+ Organizations
X.509 Compliant
PDF-A Standard

The Challenge

Professional translator associations needed a secure, legally-compliant way for certified members to digitally authenticate their translated documents. Traditional paper stamps were inefficient, and existing digital solutions didn't meet the specific regulatory and security requirements of professional certification bodies.

The Solution

I designed and built a comprehensive digital certification platform featuring secure document signing, real-time verification, and full compliance with X.509 and PDF-A standards. The system handles everything from member onboarding to document stamping to public verification.

Technical Implementation

Backend Architecture

  • .NET Core web application
  • Entity Framework with MySQL
  • Docker containerization
  • SSL/TLS certificate management

Security & Compliance

  • X.509 PDF-A encryption with SHA-256 digest
  • RSA encryption and digital signatures
  • Client-side document processing (privacy)
  • Tamper detection and validation
  • PKI certificate authority setup

Infrastructure

  • AWS EC2 deployment
  • Docker Compose orchestration
  • Automated backup systems
  • Usage analytics and monitoring

Features

  • Multi-format document conversion
  • Automated declaration generation and document merging
  • Interactive stamp placement (all pages or first page only)
  • Real-time signature verification
  • Language combination validation
  • Public verification portal

Platform Evolution: ATIO Enhancements (2025)

Building on the success of STIBC, the ATIO deployment introduced several architectural improvements and new features:

Enhanced Security Architecture

Implemented client-side encryption using AES-256 with Argon2id key derivation before cloud storage. Built a zero-knowledge architecture where encryption keys are never transmitted to servers, ensuring even the cloud provider cannot access documents. Documents can only be decrypted using the QR code or verification code printed on the document itself, which are never stored on servers.

QR Code Verification System

  • 18-character verification codes generated for each stamped document
  • Dual verification methods: PDF upload or verification code entry
  • QR codes displayed on verification page for easy document retrieval

Client-Side Processing

  • WebAssembly-based image-to-PDF conversion running locally in browser
  • Eliminates third-party dependencies for image files (JPG, PNG)
  • Faster processing and enhanced privacy for sensitive documents

Streamlined User Experience

  • Stateless guest architecture with no login required
  • Custom signature upload and management
  • Simplified interface optimized for translator workflows

Results & Impact

  • Successfully deployed for STIBC (Society of Translators and Interpreters of British Columbia) in September 2022, with ATIO (Association of Translators and Interpreters of Ontario) launched November 2025
  • Active production system currently processing 200+ documents daily for certified translators
  • Streamlined certification process for hundreds of professional translators
  • Eliminated paper-based workflows while maintaining legal compliance
  • Provided real-time verification for document authenticity
  • Built scalable infrastructure supporting multiple organizations

MovingPapa.com - Corporate Website

MovingPapa Website Interface

Complete front-end website development for a multi-million dollar moving company, built from professional Figma designs with modern web technologies and marketing integrations.

The Challenge

Moving Papa needed a professional, responsive website that could handle complex service area routing, integrate with marketing analytics, and provide an excellent user experience across all devices.

The Solution

Built a comprehensive front-end solution using modern web technologies, implementing pixel-perfect designs with interactive components and robust tracking systems.

Technical Implementation

Frontend Technologies
  • HTML5 & CSS3
  • JavaScript & jQuery
  • Bootstrap framework
  • Responsive design
UI Components
  • Interactive carousels
  • Modern animations
  • Mobile-optimized layouts
  • Custom styling
Analytics & Marketing
  • Google Analytics integration
  • Facebook Pixel tracking
  • SEO optimization
  • Conversion tracking
Advanced Features
  • Complex URL routing
  • Multi-region support
  • Performance optimization
  • Cross-browser compatibility

Results & Impact

  • Professional execution of Figma designs into fully functional website
  • Responsive design working seamlessly across desktop, tablet, and mobile
  • Marketing ready with comprehensive analytics and tracking implementation
  • Scalable architecture supporting multiple service areas across Canada
  • Built and deployed complete website in 3 weeks

DateFormatGenerator.com - Developer Utility

DateTime Format Generator Interface
9.1K Annual Clicks
25+ Daily Users
9 Languages

A reverse-engineering date format tool where developers enter their desired date output (like "Mon, June 23, 2025") and instantly get the corresponding format strings needed to produce that result in C#, JavaScript, Java, PHP, Python, Ruby, Swift, C++, and MySQL. Built with C# and transpiled to JavaScript.

The Challenge

Developers working across multiple programming languages struggle with creating the right date formatting syntax to achieve their desired output. They know what they want their dates to look like, but need to figure out the correct format strings for each language.

The Solution

Built a reverse-engineering tool that analyzes example date outputs and generates the correct format strings needed to produce that result in 9 major programming languages, with intelligent validation to catch ambiguous patterns.

Technical Implementation

Core Technology
  • C# application logic
  • JavaScript transpilation
  • Static site deployment
  • Client-side processing
Language Support
  • C# & .NET DateTime
  • JavaScript (Luxon)
  • Java SimpleDateFormat
  • PHP, Python, Ruby, Swift
  • C++ & MySQL formats
SEO & Performance
  • Fast static site delivery
  • Mobile-responsive design
  • User-friendly interface
  • Lightweight implementation
User Experience
  • Real-time format preview
  • Intelligent ambiguity detection
  • Pattern validation
  • Cross-browser compatibility

Results & Impact

  • High organic traffic with 9.1K clicks annually from Google search
  • Exceptional user engagement with 16.3% click-through rate
  • #1 Google ranking for "get format from date online" and other targeted developer queries
  • Real developer adoption with consistent monthly usage by software developers
  • Cross-platform utility supporting 9 major programming languages

Open Source Security Research

Discovered and reported a stored XSS vulnerability in Trix, Basecamp's popular rich text editor used by Ruby on Rails applications worldwide, resulting in an official security advisory.

GHSA Advisory Issued
4.6 CVSS Score
2.1.16 Patched Version

Vulnerability Discovery

🔒 Stored XSS via Attachment Attributes (GHSA-g9jg-w8vm-g96v)

Project: Trix is Basecamp's rich text editor, bundled with Ruby on Rails as Action Text and widely used across web applications for WYSIWYG editing.

Issue: The editor failed to properly sanitize the data-trix-attachment attribute before rendering it as HTML, allowing attackers to inject malicious scripts through crafted attachments. When users interacted with these attachments, arbitrary JavaScript could execute in their browser session.

Impact: Stored XSS enabling session hijacking, unauthorized actions, and data theft in any application using vulnerable Trix versions (CVSS 4.6 MODERATE).

Resolution: Reported via HackerOne. Basecamp issued security advisory GHSA-g9jg-w8vm-g96v and released patched version 2.1.16 for both npm and RubyGems.

Results & Recognition

  • Official security advisory issued by Basecamp acknowledging the discovery
  • Coordinated disclosure through HackerOne bug bounty platform
  • Patch released in Trix v2.1.16 protecting Rails applications globally
  • Credited as reporter in the GitHub security advisory
Security Research XSS HackerOne Open Source JavaScript Ruby on Rails

Other Experience

Additional development work includes system maintenance and enhancements for Lynch Bus Lines transportation software, plus successful entrepreneurial experience with an e-commerce business achieving $150k in sales.

PHP/MySQL System Maintenance Business Development E-commerce

Technical Skills

Backend Development

.NET Core C# PHP Entity Framework Web APIs MySQL

Security & Compliance

Security Research Vulnerability Analysis Cryptography Digital Signatures PKI Infrastructure X.509 Certificates SSL/TLS

DevOps & Cloud

Docker AWS EC2 CI/CD Linux

Frontend & Tools

HTML/CSS JavaScript Git Visual Studio

Get In Touch

Interested in working together? I'm always open to discussing new projects and opportunities.

LinkedIn: Michael Cheers

GitHub: @michaelcheers

Resume: View/Download PDF