Rebuilt from code, migrations, and PRIVEX_DOCS_V2
One deployable visual system for how Privex stores, moves, and refuses data.
The old output split large Mermaid graphs across separate pages and mixed implemented behavior with future design. This version keeps the diagrams stable, distinguishes current code from planned work, and maps each storage or transport layer to the privacy guarantee it provides.
Corrections from the previous output
Facts that changed the shape of the visuals
Database and local storage
What exists, where it lives, and why it is safe to store
The cards below use the current migrations and IndexedDB schema. Sensitive values are called out by encryption boundary, retention, persistence, and what the server deliberately never records.
Retention and deletion
Data lifetime by layer
Privex does not depend on a human deleting logs later. Most sensitive server-side operational state is either Redis TTL-bound, UNLOGGED, or hard-deleted by protocol events.
How it runs
Current data flows and deferred paths
Each flow names what the server can observe, what it cannot observe, and where current code diverges from the broader V2 target.
Protection stack
What each layer provides to the next
This separates cryptographic protection, metadata protection, storage hardening, and operational guardrails.
Server seizure model
What an attacker finds versus what architecture withholds
What can be found
What is absent by design
Complete connected view
From device secrets to no-log infrastructure
The final map shows the current deployable shape and the planned metadata layer without pretending every V2 feature is live today.
Generates keys, encrypts plaintext, stores local state encrypted, signs auth challenges.
Phase 1 protects content and social graph; Phase 2 targets traffic analysis and censorship.
Routes, verifies, signs timestamps, and stores opaque state without receiving plaintext or IP logs.
Public keys, sealed queue, encrypted opt-in backup, Redis TTLs, and content-addressed encrypted chunks.
Limits what survives disk imaging, service compromise, operator access, or legal seizure.