Crypto Strategies

🚧 This page is under construction 🚧

Cardinal uses end-to-end encryption to ensure that the data created by your application is accessible only to the intended recipients. Even if a malicious actor gets access to Cardinal's databases all the data they retrieve will have very little value, since they will not be able to decrypt unless they also gain access to the private keys of your users.

The Cardinal SDK handles automatically encryption of your data for the most part, however, there are some aspects of encryption that can be handled optimally only with input from your application. This is where the Crypto Strategies come into play: by providing your own implementation of the CryptoStrategies interface you can customise the behaviour of Cardinal to improve the security and accessibility of your data.

By creating your own implementation of the crypto strategies you will be able to:

• configure which user types will be kept anonymous in sharing metadata (anonymous data sharing)
• implement your own key recovery and verification mechanisms (key recovery and verification)
• reduce the trust you put on the Cardinal server when recovering the key pairs of other users for data encryption (server trust)
• configure the key pair generation strategy (key pair generation)