- What is Epiwall?
Epiwall is a social network designed to respect the privacy of its users. Privacy is achieved by: (i) keeping users anonymous; (ii) not storing any passwords in the user accounts; (iii) not storing any email, phone numbers or any other information that can identify the user; and (iv) encrypting all user-generated content with end-to-end encryption.
- What is end-to-end encryption?
End-to-end encryption is the process of encrypting user-generated content at the user's device, such that what is stored in our servers is the encrypted version of the generated content; such encrypted content that is downloaded to any other device is decrypted at that device. The keys used for encryption/decryption are only known to: (i) the user generating the content; and (ii) the users authorized by such user (e.g. the members of the space). Thus, anyone with access to our databases but without the keys will not be able to decrypt the content, adding a strong layer of privacy and security.
- What type of encryption does Epiwall use?
We use strong encryption standards: 2048-bit RSA (for sharing symmetric keys among users) and 256-bit AES (for encrypting content using symmetric keys).
- What is the difference between a private and a public space?
Although both types of spaces are encrypted, the difference lies on who has access to the keys. The encryption keys for public spaces are publicly available; encryption keys for private spaces are only available to the users that are allowed as members by the owner of the space.
- Who can see what I post in a private space?
Only the members of the space, which are allowed only by the owner of the space using an invitation/joining/verification/acceptance process.
- Who can see what I post in a public space?
Any registered user can see what you post in a public space.
- Can someone who left a private space still see the content of the space?
Keys are rotated every seven days, which means that any user who left the space won't have the keys of content generated seven days after he/she left (in the worst-case scenario); thus (in theory) any content generated before that period should be "visible" to such user. However, our application does not provide content of private spaces to users that are not members of that space.