website logo
WebsiteTry DashboardContact Sales
โŒ˜K
๐Ÿ‘‹Welcome to mintBlue!
โ“Why Use mintBlue?
๐ŸงงmintBlue Products
โ›“๏ธEnterprise Bitcoin
๐Ÿš€Introduction
๐Ÿ‘‰mintBlue Quick Start Guide
๐Ÿ”—Setting up Zapier & mintBlue
๐ŸŽ‡mintBlue SDK
๐Ÿ‘‰SDK Quick Start Guide
๐Ÿ—๏ธSDK Encryption
๐Ÿ“ฉEnvelopes
๐Ÿ–ฅ๏ธSDK Server
๐Ÿ“SDK Scripts
๐Ÿ“–mintBlue API
โน๏ธBlockchain API
๐Ÿ“‘Token API
๐Ÿ–ฅ๏ธmintBlue Console
๐Ÿ‘‚Event Listeners
๐Ÿ†Examples of Building with mintBlue
๐Ÿ”‘password manager
๐Ÿ“ƒNotary Express App
Docs powered byย archbeeย 
8min

SDK Encryption

Keep your data secure with mintBlue's encryption technology. Your data is encrypted using your own keys before it leaves your device or server, giving you complete control and access to your data.

Learn more in the topics below.

Key Encryption

When you sign up with mintBlue, your device generates a secure keypair known as your master key. To ensure maximum security, your master key never leaves your device unencrypted. For added protection, a key encryption key is generated using PBKDF2 when you set your password, and your password is always hashed before being sent to the server.๏ปฟ

During registration, your master key is encrypted with your key encryption key, using AES-GCM. This encrypted master key is sent to the mintBlue server for storage, ensuring secure multi-device access and key recovery๏ปฟ

๏ปฟ

๏ปฟ

๏ปฟ

Access Tokens

Access Tokens allow you to securely access your data through code. Upon creation of an Access Token, a new key encryption key is generated on the client side and used to re-encrypt your master key. The re-encrypted key is then stored on the mintBlue server for secure access

After this process, you will be shown two keys:

  • SDK token
    • This key contains the secret allowing the SDK to decrypt the encrypted master key for local usage
    • The secret part of the key will be hashed before being sent to the server
  • API token
    • This key contains the hashed secret and cannot be used to decrypt the encrypted master key
    • Is used only to authenticate API calls

Key Decryption

When you login or use the SDK to connect to the mintBlue service, our servers will give you back your encrypted master key. Your password or SDK key will then be used to generate your key encryption key. Your key encryption key is then used to decrypt your encrypted master key.

๏ปฟ

๏ปฟ

๏ปฟ

๏ปฟ

Privacy

  • Since only you know your password or SDK key, only you can generate your key encryption key
  • Since only you can generate your key encryption key, only you can access your master key
  • Since only you can access your master key, only you can decrypt your encrypted data
  • Since only you can access your master key, only you can validly sign your data

SDK

Encryption

The SDK can be used to ๏ปฟCreate an encrypted data transaction, simply by setting the encrypt property to true. This will result in the SDK using your master key to encrypt your data or files using ECDH-ES+A128GCM. Only the encrypted data will be sent to the server. Your data is yours, mintBlue cannot access your encrypted data!

Digital Signatures

The SDK can be used to ๏ปฟCreate a signed data transaction, simply by setting the sign property to true. This will sign your data using your master key with ES256K. The signature will be attached to the transaction.

๏ปฟ

Schematic overview
Schematic overview
๏ปฟ

๏ปฟ

Updated 08 Feb 2023
Did this page help you?
Yes
No
UP NEXT
Envelopes
Docs powered byย archbeeย 
TABLE OF CONTENTS
Key Encryption
Access Tokens
Key Decryption
Privacy
SDK
Encryption
Digital Signatures