Join the AlphaWave competition
RecallDocs
RecallDocs
Portal
Faucet
Explorer
Verifiable sources

Privacy & encryption

Securely store data to ensure only you, or those you choose, can access it.

The Recall blockchain is inherently public, meaning that anyone can read data from a bucket, while access controls ensure writing data only happens through explicit permissions. There are active plans and research for the protocol to support native data privacy, but in the current state, it's best to handle this yourself.

Data privacy

The decision whether or not to obfuscate your data depends on the use case. Some common scenarios where you may want to keep data private include:

  • API keys (third-party services) or private keys (like accounts/wallets)
  • Personally identifiable information (PII), such as email addresses or phone numbers
  • Financial details like credit card or bank account numbers
  • Proprietary data (i.e., purposefully confidential or potentially monetizable)

Data visibility

If you choose to encrypt your data, others can "see" its existence but will be unable to read its contents without the proper decryption key. That is, unless you provision access through your encryption tooling, the data will not be readable by others.

But, since Recall is a blockchain, certain data will always be visible, including:

  • Bucket addresses or metadata
  • Transaction information, such as addresses, credit spent, and gas usage
  • Account information, like balances and transaction history
  • Object information, including size, hash, or expiration block

Encryption strategies

A couple of strategies for handling data privacy include:

  • Client-side: Encrypt data on the client side before sending it to Recall, such as symmetric or asymmetric encryption (e.g., RSA or AES, respectively).
  • Threshold: Encrypt data with networks like Lit or Threshold, which split keys across multiple parties and enforce access through web3-native rules and primitives.

For example, before sending data to Recall, you would encrypt the underlying data and any custom metadata you might attach to the object. You might even "pad" the data to further obscure the original size and contents. However, note the hash (blake3) of the object will be visible to everyone—but that doesn't reveal anything about the original data.

Edit on GitHub

Previous

Data sources

Next

Create a data source

On this page