Local-First Architecture
StampedSafe is built on a local-first architecture. This means your content never leaves your device during proof creation.
All Cryptography Runs Locally
SHA-256 hashing and Ed25519 signing happen entirely in your browser. We never see your original content.
No Server Storage
Proofs are generated client-side and stored in your browser's local storage. We don't maintain a database of proofs.
Privacy by Design
Even if you share a proof link, the content is only visible if you include it. Hash-only proofs reveal nothing about the content.
What We Collect
StampedSafe collects minimal data:
- Anonymous usage metrics — Page views and feature usage to improve the product. No personal identifiers.
- Payment information — Handled entirely by Stripe. We never see your full card number.
- Support emails — If you contact us, we retain communication to provide support.
We do NOT collect:
- Your proof content or messages
- File contents or metadata
- Browsing history or tracking cookies
- Personal information beyond what you voluntarily provide
Threat Model
StampedSafe provides protection against specific threats:
Content Tampering
SHA-256 hashing detects any modification to the original content. A single changed character invalidates the proof.
Signature Forgery
Ed25519 signatures are computationally infeasible to forge. Each proof is cryptographically bound to its content.
Proof Modification
Any change to any field in the proof causes verification to fail. Proofs are self-validating.
Trusted Timestamps
Timestamps use your device's local clock, not a trusted time authority. The proof shows when YOU claim it was created.
Identity Verification
Proofs don't verify identity. Anyone with the content can create an identical proof. We don't know who created what.
Cryptographic Primitives
StampedSafe uses industry-standard, well-audited cryptographic algorithms:
- SHA-256: NIST-approved hash function (FIPS 180-4) with 256-bit output. Resistant to collision and preimage attacks with current technology.
- Ed25519: Edwards-curve Digital Signature Algorithm (RFC 8032). Provides ~128-bit security with fast verification and small signatures.
- Implementation: We use the @noble/ed25519 library, a zero-dependency implementation by Paul Miller that has been audited and is widely trusted.
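The checks listed under Threat Model, as an added example that is not StampedSafe's own code: a verifier for a hypothetical proof object. The field names (`version`, `hash`, `timestamp`, `publicKey`, `signature`) and the JSON-array serialization are assumptions, since this page does not specify the proof format, and Node's built-in `node:crypto` stands in for @noble/ed25519 so the block runs without dependencies.

```javascript
// Added example: hypothetical proof format, not StampedSafe's actual schema.
const nodeCrypto = require('node:crypto');

const sha256Hex = (content) =>
  nodeCrypto.createHash('sha256').update(content, 'utf8').digest('hex');

// Bytes that get signed: every proof field except the signature, in fixed order,
// so changing any one of them invalidates the signature.
const signedBytes = (p) =>
  Buffer.from(JSON.stringify([p.version, p.hash, p.timestamp, p.publicKey]), 'utf8');

function createProof(content, timestamp, keyPair) {
  const proof = {
    version: 1,
    hash: sha256Hex(content),
    timestamp, // self-asserted: taken from the creator's clock, not a time authority
    publicKey: keyPair.publicKey.export({ type: 'spki', format: 'der' }).toString('base64'),
  };
  proof.signature = nodeCrypto.sign(null, signedBytes(proof), keyPair.privateKey).toString('base64');
  return proof;
}

// Returns { ok, reason }. `content` is optional: a hash-only proof can still be
// checked for internal consistency without revealing the content.
function verifyProof(proof, content) {
  try {
    const key = nodeCrypto.createPublicKey({
      key: Buffer.from(proof.publicKey, 'base64'), format: 'der', type: 'spki',
    });
    if (key.asymmetricKeyType !== 'ed25519') return { ok: false, reason: 'not-ed25519' };
    const sig = Buffer.from(proof.signature, 'base64');
    if (!nodeCrypto.verify(null, signedBytes(proof), key, sig)) return { ok: false, reason: 'bad-signature' };
  } catch {
    return { ok: false, reason: 'malformed-proof' }; // missing or undecodable fields
  }
  if (content !== undefined && sha256Hex(content) !== proof.hash) {
    return { ok: false, reason: 'content-mismatch' };
  }
  return { ok: true, reason: 'valid' };
}

// Constructed sample input.
const keyPair = nodeCrypto.generateKeyPairSync('ed25519');
const proof = createProof('Invoice #1 total: 100 EUR', '2024-01-01T00:00:00Z', keyPair);
```

A `valid` result means the fields are intact and match the content; the timestamp and key are still whatever the creator supplied, which is the limitation stated under Trusted Timestamps and Identity Verification.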
Browser Security
StampedSafe implements modern web security best practices:
- Content Security Policy — Strict CSP headers prevent XSS attacks and unauthorized script execution.
- HTTPS Only — All connections are encrypted with TLS 1.3.
- No Third-Party Scripts — We don't include tracking pixels, ad networks, or external analytics that could compromise privacy.
- Subresource Integrity — External resources include integrity hashes to prevent tampering.
Reporting Security Issues
If you discover a security vulnerability, please report it responsibly:
Email: security@stampedsafe.com
We take all reports seriously and will respond within 48 hours. Please include details about the vulnerability and steps to reproduce.