Encryption user flows

Below are a few examples demonstrating our end-to-end encryption in some typical user flows on Akord.

User signup

  • A backup phrase is generated.

  • Asymmetric password key is derived from the user’s password.

  • The backup phrase is encrypted with the password key and securely stored within Akord.

User login

  • The encrypted backup phrase is retrieved from Akord.

  • User decrypts the backup phrase locally using their password key.

  • User derives their signing & encryption keys from the backup phrase.

User's personal data encryption

  • Alice wants to upload an avatar photo to their profile.

  • Alice generates a unique access key.

  • Alice encrypts the avatar with the newly generated access key.

  • Alice encrypts the access key with their encryption public key.

  • the encrypted avatar & encrypted access key are stored within Akord.

  • Alice can now decrypt the avatar using their encryption private key.

Data encryption within the vault

  • Alice wants to share file within the vault, which Bob also belongs to.

  • Alice generates a unique access key.

  • Alice encrypts file with the newly generated access key.

  • Alice encrypts the access key with the vault public key.

  • The encrypted file & encrypted access key are stored within Akord.

  • Bob decrypts the vault private key with their encryption private key.

  • Bob decrypts the access key with the vault private key.

  • Bob decrypts the file with the access key.