## Introduction

Data Tokens provide a mechanism for exchanging data for cryptographically secure tokens, enhancing security by separating data storage from application systems. If a breach occurs in the application layer, only meaningless tokens are exposed; the actual data remains secure in external storage devices.

## Architecture Overview
The Data Token system involves three distinct actors.

### 1. Application (Profile)

The application that needs to store sensitive data securely. Instead of storing data directly in its database, the application:

- Exchanges data for tokens with Privicore
- Stores only tokens in its system
- Uses tokens to retrieve data when needed

**Security Benefit:** If the application database is breached, attackers only obtain tokens: opaque identifiers with no embedded information or meaning.

### 2. Privicore (Central System)
The central coordination system that manages the token lifecycle and routes encrypted data to storage devices. Privicore:

- Issues temporary tokens upon request
- Coordinates data exchange and device routing
- Tracks which devices belong to which profiles
- Routes encrypted data to the appropriate storage devices

**Profile Requirement:** Every actor communicating with Privicore must have a profile, including applications, users, and devices. Each profile has its own public/private key pair for encryption and authentication.

### 3. Device/Storage (Profile)
External software registered on behalf of a user that physically stores the encrypted data. Devices:

- Run outside the Privicore environment (desktop, mobile, server, etc.)
- Are registered as profiles in Privicore
- Receive and store encrypted data from Privicore
- Provide data back to Privicore upon request
## Data Flow Architecture

```text
User → Application → Privicore → Device/Storage
```

Each actor in this chain is a profile with its own public/private key pair. Data is encrypted by each actor in the chain, producing multi-layer encryption.

## Token Lifecycle
### Step 1: Reserve Token

The application requests a temporary data token from Privicore:

- Privicore generates a unique, temporary token identifier
- The token has a time-to-live (TTL); if it is not used within that timeframe, it expires and is removed
- The token is returned to the application
### Step 2: Exchange Data for Token

The application uploads data and exchanges it for the reserved token:

- The application encrypts the data with its private key
- The encrypted data is sent to Privicore together with the token identifier
- Privicore encrypts the data again with its own key
- The token becomes permanent once the data is successfully exchanged
### Step 3: Route to Device

Privicore determines which devices belong to the user and routes the data:

- Privicore identifies all registered devices for the user's profile
- The data is encrypted again with each device's public key
- The encrypted data is transmitted to the device(s)
- Each device stores the encrypted data locally
## Multi-Layer Encryption

Each actor in the chain encrypts the data with its own keys, creating layered encryption:

```text
Original Data
    ↓ [Application encrypts]
Layer 1: Application-encrypted data
    ↓ [Privicore encrypts]
Layer 2: Privicore-encrypted data
    ↓ [Device encrypts]
Layer 3: Device-encrypted data (stored)
```
## Decryption Flow

To decrypt data, the process reverses through the chain:

```text
Device retrieves encrypted data
    ↓ [Device decrypts with private key]
Privicore receives data
    ↓ [Privicore decrypts with private key]
Application receives data
    ↓ [Application decrypts with private key]
Original Data
```
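The layered wrap and unwrap shown in the two diagrams above, as an added example that is not part of this documentation or of Privicore's own code. Python's standard library has no public-key primitives, so each profile's key pair is replaced here by an assumed symmetric key, and each layer uses HMAC-SHA256 in counter mode with encrypt-then-MAC as a stand-in for whatever cipher Privicore actually uses. The point is the ordering and the partial-chain checks, not the cipher: the stored blob can only be opened by Device, then Privicore, then Application, and any actor acting alone or out of order is rejected by the layer's authentication tag. The profile names, keys and sample data are all constructed.

```python
import hashlib
import hmac
import os
import struct

# Constructed per-profile keys: stand-ins for the application, Privicore
# and device key pairs described above (symmetric here, see lead-in).
KEYS = {
    "application": hashlib.sha256(b"app-profile-key").digest(),
    "privicore": hashlib.sha256(b"privicore-key").digest(),
    "device": hashlib.sha256(b"device-profile-key").digest(),
}
CHAIN = ["application", "privicore", "device"]  # encryption order

def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one profile key."""
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used as a stdlib-only stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Add one encryption layer: nonce || ciphertext || tag (encrypt-then-MAC)."""
    nonce = os.urandom(16)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(key: bytes, blob: bytes) -> bytes:
    """Remove one layer; fails unless this key produced the outermost layer."""
    if len(blob) < 48:
        raise ValueError("blob too short to carry a nonce and a tag")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer authentication failed: wrong key or tampered data")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def encrypt_chain(data: bytes, keys=KEYS) -> bytes:
    """Application → Privicore → Device: each actor wraps the previous output."""
    blob = data
    for actor in CHAIN:
        blob = wrap(keys[actor], blob)
    return blob

def decrypt_chain(stored: bytes, keys=KEYS) -> bytes:
    """Reverse the chain: Device → Privicore → Application."""
    blob = stored
    for actor in reversed(CHAIN):
        blob = unwrap(keys[actor], blob)
    return blob

def unwrap_with(stored: bytes, actors, keys=KEYS):
    """Peel layers using only the given actors' keys, in the given order.
    Returns the recovered bytes, or None as soon as a layer rejects a key;
    used to show that a subset of the chain cannot recover the data."""
    blob = stored
    for actor in actors:
        try:
            blob = unwrap(keys[actor], blob)
        except ValueError:
            return None
    return blob

if __name__ == "__main__":
    secret = b"card number 4111 1111 1111 1111"   # constructed sample data
    stored = encrypt_chain(secret)
    assert decrypt_chain(stored) == secret
    # Privicore alone cannot open the stored blob: the outer layer is the device's.
    assert unwrap_with(stored, ["privicore"]) is None
    # The device alone only reaches Privicore's ciphertext, not the plaintext.
    assert unwrap_with(stored, ["device"]) != secret
    print("three-layer round trip OK; partial chains fail")
```

A single-actor compromise therefore yields at most one peeled layer, which is why the text says the full chain is required; in a real deployment each `wrap` would be hybrid encryption to the next profile's public key rather than a shared symmetric key.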
## Token Properties

### Token Opacity

Tokens are cryptographically generated identifiers with no embedded information:

- Tokens do not contain metadata about the data
- Tokens cannot be reverse-engineered to reveal data content
- Tokens are meaningless without authorization
### Token Security Model

- Tokens are bound to the requesting profile
- Token possession alone does not grant data access; profile authentication is required
- Tokens can be revoked by deletion, immediately preventing data retrieval
- All token operations are logged for audit purposes
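A constructed model of the token lifecycle (Steps 1 to 3 above) and of the security-model rules just listed, added here as example code rather than Privicore's own API: unused reservations expire after the TTL, a token becomes permanent once data is exchanged, every operation is checked against the profile that reserved the token, revocation is deletion, and every operation is appended to an audit trail. The `TokenService` class, its method names, the injectable fake clock and the profile names `app-A` and `app-B` are all assumptions; the payload is treated as already encrypted by the application.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

@dataclass
class Token:
    token_id: str                 # opaque random identifier, no embedded meaning
    owner: str                    # profile that reserved it (the binding)
    expires_at: Optional[float]   # reservation deadline; None once permanent
    data: Optional[bytes] = None  # encrypted payload once exchanged

class TokenService:
    """Constructed model of reserve / exchange / retrieve / revoke (not Privicore's API)."""

    def __init__(self, ttl_seconds: float = 300.0,
                 clock: Callable[[], float] = time.monotonic):
        self.ttl = ttl_seconds
        self.clock = clock          # injectable so TTL expiry can be tested offline
        self.tokens: Dict[str, Token] = {}
        self.audit: List[Tuple[str, str, str, bool]] = []  # (op, token, profile, ok)

    def _log(self, op: str, token_id: str, profile: str, ok: bool) -> None:
        self.audit.append((op, token_id, profile, ok))

    def _purge_expired(self) -> None:
        now = self.clock()
        for tid, tok in list(self.tokens.items()):
            if tok.expires_at is not None and tok.expires_at <= now:
                del self.tokens[tid]
                self._log("expire", tid, tok.owner, True)

    def reserve(self, profile: str) -> str:
        """Step 1: hand out a temporary token bound to the requesting profile."""
        self._purge_expired()
        tid = secrets.token_urlsafe(32)   # 256 random bits, nothing derived from the data
        self.tokens[tid] = Token(tid, profile, self.clock() + self.ttl)
        self._log("reserve", tid, profile, True)
        return tid

    def exchange(self, profile: str, tid: str, encrypted_data: bytes) -> None:
        """Step 2: attach data to a reserved token, making it permanent."""
        self._purge_expired()
        tok = self.tokens.get(tid)
        if tok is None or tok.owner != profile or tok.expires_at is None:
            self._log("exchange", tid, profile, False)
            raise PermissionError("token unknown, expired, already used, or not yours")
        tok.data = encrypted_data
        tok.expires_at = None   # permanent from here on
        self._log("exchange", tid, profile, True)

    def retrieve(self, profile: str, tid: str) -> bytes:
        """Possessing the token string is not enough: the profile must match."""
        tok = self.tokens.get(tid)
        if tok is None or tok.data is None or tok.owner != profile:
            self._log("retrieve", tid, profile, False)
            raise PermissionError("no data for this token and profile")
        self._log("retrieve", tid, profile, True)
        return tok.data

    def revoke(self, profile: str, tid: str) -> bool:
        """Deleting the token immediately prevents any further retrieval."""
        tok = self.tokens.get(tid)
        if tok is None or tok.owner != profile:
            self._log("revoke", tid, profile, False)
            return False
        del self.tokens[tid]
        self._log("revoke", tid, profile, True)
        return True

def demo() -> dict:
    """Walk the lifecycle against a fake clock and return the observed outcomes."""
    now = [0.0]
    svc = TokenService(ttl_seconds=60, clock=lambda: now[0])
    stale = svc.reserve("app-A")
    now[0] = 61.0                      # TTL elapses before the data arrives
    try:
        svc.exchange("app-A", stale, b"ciphertext")
        stale_ok = True
    except PermissionError:
        stale_ok = False
    live = svc.reserve("app-A")
    svc.exchange("app-A", live, b"ciphertext")   # constructed encrypted payload
    try:
        svc.retrieve("app-B", live)             # same token, different profile
        foreign_ok = True
    except PermissionError:
        foreign_ok = False
    owner_data = svc.retrieve("app-A", live)
    revoked = svc.revoke("app-A", live)
    try:
        svc.retrieve("app-A", live)
        after_revoke_ok = True
    except PermissionError:
        after_revoke_ok = False
    return {"stale_exchange": stale_ok, "foreign_retrieve": foreign_ok,
            "owner_data": owner_data, "revoked": revoked,
            "retrieve_after_revoke": after_revoke_ok,
            "audit_failures": sum(1 for e in svc.audit if not e[3])}

if __name__ == "__main__":
    print(demo())
```

The failed exchange, the cross-profile retrieval and the post-revocation retrieval all land in the audit list as `ok=False` entries, which is the signal a detection rule would key on: a burst of failed retrievals for one token from profiles that never reserved it is the pattern of a leaked token being tried.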
## Profile Requirements

Every actor must be a registered profile in Privicore:

- **Application Profile:** Represents the system exchanging data for tokens
- **User Profile:** May represent individual users of the application
- **Device Profile:** Represents storage devices registered on behalf of users

Each profile has:

- A username and password for authentication
- A public/private key pair for encryption and signing
- An authorization token for API access
## Use Cases

### Application Security

Applications store only tokens in their databases. If compromised, attackers cannot access the actual data; they only obtain opaque token identifiers that require profile authentication to use.

### Distributed Storage

Data is automatically distributed to all devices registered under a user's profile, enabling multi-device access and redundancy without application-level coordination.

### Layered Encryption

Multi-party encryption ensures that no single actor (application, Privicore, or device) can independently decrypt the data; the full chain is required.

### Device Operation

Devices store encrypted data locally and can operate independently. When data is requested via a token, devices provide the encrypted data back through Privicore to the requesting application.

## Token Management Features
- **Reserve Token Space:** Request a temporary token before data upload
- **Exchange Data for Token:** Upload encrypted data to make the token permanent
- **Request Data via Token:** Retrieve data using a valid token
- **Configure Metadata:** Set file and security-risk metadata for tokens
- **List/Update/Delete:** Manage the token lifecycle and associated data
- **Statistics:** Track token usage and transaction counts

Points to keep in mind:

- Tokens are temporary until data is exchanged; unused tokens expire
- All actors must authenticate as profiles with valid public keys
- Data is encrypted at each layer of the chain
- Token-based retrieval requires valid profile authentication
- Treat tokens as sensitive identifiers within your application