

Zax - secure messaging between you and your Guardians

How can one ensure that the Vault12 Guard app connects to Guardians securely?
There should be zero concerns - all communications are safeguarded by the state-of-the-art Zax protocol.


TL;DR

There is a fundamental problem on the internet - how to send and receive messages securely among all parties, including users, apps, or devices that are often out of reach, such as smartphones in standby mode. Zax, a decentralized protocol for secure messaging, is a foundation of the Vault12 Guard app's security. With Zax secure messaging, you can be sure that no intermediaries can ever see or compromise your Vault's communications with Guardians.

The Zax protocol in a nutshell

Vault12 developers have created a messaging network known as Zax, which is completely open-source so that the security expert community can review and battle-test it. It provides all the necessary communications to connect the Vault12 Guard app and Guardian devices worldwide, even when devices are occasionally off the grid.

Why are security, resilience, and decentralization of communication important?

The internet is like nature, both beautiful and diverse, but also dangerous at times. This is even more true in the young and still-wild blockchain and Web3 ecosystems. To achieve security and resilience, it is necessary to decentralize resources, encrypt all communications, and assume zero trust in service providers. Ideally, services can be run self-sufficiently by participating users alone, without any centralized servers acting as an intermediary. These goals of security, resilience, and decentralization are pursued by honest and long-term participants in the industry. That's why the Vault12 team designed the "Guard" app to implement communications between Owner and Guardians in such a way that all users communicate independently without any centralized server. There is no risk of interception.

What are Zax intermediaries?

Even when intermediaries, called Zax relays, assist in message synchronization during device offline periods, they are only blind relays. These intermediaries may store encrypted messages from users until the recipient comes online. However, these relays have zero knowledge of the message contents or recipients. They act only as temporary inboxes.

Moreover, users can easily run their own private Zax relays to maximize independence and security. The source code of the relay is available on GitHub for everyone.

How strong is the Zax protocol?

The protocol's design incorporates multiple cutting-edge solutions to achieve top-notch resiliency:

  1. Communication ratchet - This simple yet extremely powerful principle ensures that each individual message between Vault and Guardians is encrypted with a brand new private key, making it impossible for long-term, sophisticated, and expensive key attacks to succeed.
  2. Proof-of-Work - We adopted the proof-of-work principle, Bitcoin's core innovation, for decentralized messaging: Zax relays implement a Proof-of-Work defense against potential DDoS (Distributed Denial of Service) attacks. This ensures that the service is consistently available.
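
To make the proof-of-work idea concrete, here is an added example that is not Vault12's code and not the Zax scheme itself: a generic hashcash-style admission check in which a relay hands out a signed challenge, the client pays for a request by searching for a counter, and the relay verifies the answer with one MAC and one hash. The function names, the 12-bit difficulty, and the 60-second lifetime are all assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import os
import time

DIFFICULTY_BITS = 12            # assumed; kept low so the demo runs instantly
CHALLENGE_TTL = 60              # assumed challenge lifetime in seconds
RELAY_SECRET = os.urandom(32)   # lets the relay validate challenges statelessly

def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the front of a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def issue_challenge(now=None) -> bytes:
    """Relay side: timestamp plus MAC, so forged or stale challenges fail."""
    ts = str(int(now if now is not None else time.time())).encode()
    tag = hmac.new(RELAY_SECRET, ts, hashlib.sha256).hexdigest().encode()
    return ts + b"." + tag

def solve(challenge: bytes, bits: int = DIFFICULTY_BITS) -> int:
    """Client side: brute-force a counter, about 2**bits hashes on average."""
    counter = 0
    while True:
        d = hashlib.sha256(challenge + b":" + str(counter).encode()).digest()
        if leading_zero_bits(d) >= bits:
            return counter
        counter += 1

def verify(challenge: bytes, counter: int,
           bits: int = DIFFICULTY_BITS, now=None) -> bool:
    """Relay side: constant, cheap work however long the client searched."""
    try:
        ts, tag = challenge.split(b".", 1)
        issued = int(ts)
    except ValueError:
        return False                      # malformed challenge
    expected = hmac.new(RELAY_SECRET, ts, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        return False                      # not issued by this relay
    current = now if now is not None else time.time()
    if not 0 <= current - issued <= CHALLENGE_TTL:
        return False                      # expired or post-dated
    d = hashlib.sha256(challenge + b":" + str(counter).encode()).digest()
    return leading_zero_bits(d) >= bits
```

Each extra difficulty bit doubles the sender's expected work while the relay's verification cost stays the same. A production relay would also remember solved challenges until they expire so that one solution cannot be replayed.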

Summary

For those interested, the official white paper of the Zax protocol contains more interesting technical details about its design and implementation.

However, for general users, it is most important to understand that by using the Zax protocol, they can be certain that neither Vault12 nor any relay holders store any of their personal data or files. Both personal data and files are encrypted on the user's device before being relayed through our Zax relays. This encrypted data only temporarily exists on the relays and is deleted once the destination device receives it. Vault12 and the relays do not have the keys or capability to decrypt any of this information. If any government agency requests personal data or files in an unencrypted format, Vault12 is technically unable to provide it. The same applies to potential adversaries targeting users.

Vault12 is always committed to serving the security of its users and protecting their valuable assets and secrets.
