Hierophant’s architecture implements a Zero-Knowledge Architecture by ensuring that no client identifiers are ever exchanged or revealed over any channels.
This fundamental principle means the system is designed from the ground up to operate without any knowledge of who is communicating or the specifics of their interactions, thereby guaranteeing complete anonymity and untraceability.
All cryptographic operations (key generation, message encryption, and decryption) are executed exclusively on the user's device in a Trusted Execution Environment (TEE). Keys are never transferred or decoded back to raw form and remain under the user's sole control, which is a cornerstone of Hierophant's security.
Keys are safeguarded within the Trusted Execution Environment (TEE) of phones, personal computers, servers, and dedicated hardware devices, or in dedicated security chips when Hierophant operates on microcontrollers. This hardware-level isolation ensures keys are protected even if the device's primary operating system is compromised.
Unlike commonly used messengers and protocols, Hierophant’s design eliminates the need for central servers to store user data, accounts or keys. If servers are utilized, they function purely as stateless, encrypted relays. They possess no knowledge of the message content, sender, or recipient, and retain no logs or metadata.
The system is architected so that no user-related data, encrypted or otherwise, is ever stored on any intermediary infrastructure or transferred over networks. Each message is an independent, self-contained cryptographic object that also carries no metadata, and it is the only thing that is ever exchanged between clients.
Combined with "No Identifiers or Accounts" and the other architectural decisions in Protocol and Project Hierophant, this approach guarantees that even in the event of a full compromise of relay infrastructure, there is no user data, no keys, and no metadata to be found.