In addition to end-to-end encryption, every action taken by the user is a locally signed transaction, which is then processed through our internal blockchain. Once the transaction has been validated, it is recorded in the immutable ledger where it cannot be altered later. Each transaction is identified by its hash. In order to append to the ledger, the user uses their wallet to sign the new operation along with the hash of the previous transaction, so that the new resulting transaction is cryptographically sealed and cannot be forged, thus creating a transaction chain.
We authenticate our users through Cognito, which uses the Secure Remote Password (SRP) protocol, meaning the password never leaves the device, only the zero knowledge proof of the password being sent.