Data Encryption

EthSign offers three different tiers of encryption.

At EthSign, we take data privacy extremely seriously. If document encryption is enabled, none of the encrypted data leaves the browser unencrypted. In other words, if our users choose to encrypt their data, nobody aside from the intended recipients can decrypt it, not even us.

Encryption Methods

EthSign offers three different tiers of encryption:

  1. Unencrypted

  2. AES-256-GCM: symmetric, password-based; Advanced Encryption Standard with Galois/Counter Mode

  3. AES-256-GCM + ECIES: asymmetric, passwordless; Advanced Encryption Standard with Galois/Counter Mode + Elliptic Curve Integrated Encryption Scheme

The encryption method used throughout a signing session is dictated by the initiator.

Note: "Signing Session" refers to the process during which users send and sign a specific document.

Unencrypted

All data is viewable by anyone. It is extremely important to keep in mind that unencrypted data can be seen by everyone and, once submitted to Arweave, it becomes permanently visible to the entire world. There are cases where transparency is needed, but to avoid users disabling encryption by accident, we display a stern warning if the user attempts to submit data unencrypted.

AES-256-GCM - Password Encryption

AES-256-GCM is a symmetric encryption algorithm. It has been widely used and battle-tested over many years. When using this encryption method, all recipients must possess a copy of the passphrase from which the AES key is derived. This passphrase must be kept secret, and EthSign does not natively facilitate the key exchange: sharing the passphrase with recipients is up to the initiator.

AES-256-GCM + ECIES - Wallet-based Encryption

Elliptic Curve Integrated Encryption Scheme is an asymmetric encryption algorithm, meaning the information needed to perform encryption is different from the information needed to perform decryption. In this case, a public key is used to encrypt data while the corresponding private key is needed to decrypt data. In the context of EthSign, using ECIES means nobody needs to memorize any passwords of any kind since the data is locked to every recipient's public encryption key.

This is somewhat similar to EthSign 4's 1-Tap Encryption which made use of MetaMask's eth_decrypt API. However, this API is now deprecated, and although a new encryption EIP has been submitted, it is still in the draft stage. In addition, we had to make encryption universal across different blockchains (secp256k1 + curve25519), so we decided to establish our own encryption system, branded as EthSign Password Manager.

To learn how EthSign Password Manager works in detail, refer to How EthSign Handles Your Secrets.

Encryption Workflow

This is a sequence diagram showcasing the encryption workflow. The word "gibberish" simply means the data is encrypted and thus opaque to us and to everyone aside from the intended recipients.
