Hierophant’s security model is built upon an implementation of Client-Side End-to-End Encryption (E2EE), ensuring that all cryptographic operations occur exclusively on the users' devices. This principle dictates that sensitive data is encrypted at its origin and decrypted only at its final destination, with no intermediary, including server infrastructure (if any is used), able to decrypt it along the way.
All encryption and decryption processes, along with key management, are confined to the client's device. Keys are generated locally and are safeguarded within the device's Trusted Execution Environment (TEE) or dedicated secure hardware chips for microcontrollers. Crucially, these keys are never transmitted across any network, nor are they accessible to any server or third party.
This approach fundamentally differs from some conventional E2EE systems that might still involve servers in key distribution or account management processes. In Hierophant, each message is an independent, cryptographically sealed object. The encryption boundaries are strictly at the endpoints, meaning that the data is protected even before it leaves the user's device and remains protected until it is decrypted by the intended recipient on their device.
Even if the entire transmission infrastructure were to be compromised, or if relay servers were seized, the content of the communications would remain mathematically available for decryption only to the intended recipient.