How SkiveCore Protects Your Private Chats

Guide Updated: May 2, 2025

At SkiveCore, keeping your private conversations truly private is our top priority. We use something called End-to-End Encryption (E2EE). Think of it like sending a message in a super-secure, locked box that only the intended recipient has the key to open.

Important: This high level of protection currently applies only to your private, one-on-one conversations in SkiveCore Messenger. Publicly visible content like posts, comments, blogs, video comments, etc., are not end-to-end encrypted because they are meant to be seen by others.

Your Digital Keys: Keeping Things Locked

When you create your SkiveCore account, your device automatically generates a unique set of digital keys, just for you:

  • Public Key: Think of this like your secure mailbox slot address. You can share this address freely. Others use it to send *you* locked messages. They can drop messages in, but can't open the mailbox.
  • Private Key: This is like the unique, physical key to your mailbox. Only you have this key. It stays on your device (phone, computer) and is used to *unlock* messages sent to you.

Securing Your Private Key: Your private key itself is incredibly sensitive. To protect it, we lock it using a powerful method derived directly from your account password. This means:

  • Your private key is stored in an encrypted (locked) format on our servers.
  • Only your password can unlock your private key on your device when you log in.
  • SkiveCore staff **cannot** access your unlocked private key, because we don't know your password.

Sending a Private Message: Locking the Box

Here’s what happens when you send a private message to someone on SkiveCore:

  1. You type your message on your device.
  2. Before the message leaves your device, SkiveCore uses a combination of your private key and the recipient's public key (their mailbox address) to lock the message.
  3. This "locked box" message travels through the internet (using standard secure connections like HTTPS) to our servers.
  4. The message is stored on our servers in its locked, unreadable format.
  5. When the recipient's device checks for new messages, it downloads the locked box.

Because it was locked using the recipient's specific public key, only *their* private key can unlock it.

Receiving a Private Message: Unlocking the Box

When you receive a private message:

  1. Your SkiveCore app downloads the "locked box" message from our servers.
  2. Your app uses your unique private key (which was unlocked by your password when you logged in) and the sender's public key (to verify it's from them) to unlock the message.
  3. Only then can you read the message content on your screen.

Why SkiveCore Can't Read Your Private Chats

This whole process – locking on the sender's device, unlocking on the recipient's device – means that the message is protected from "end-to-end".

  • The messages stored on SkiveCore servers are always in their locked, encrypted form.
  • Since SkiveCore doesn't have access to your password or your unlocked private key, we simply **cannot** decrypt and read your private conversations.
  • Additionally, each message gets a unique, one-time "digital serial number" (called a nonce) during encryption. This adds extra security, making sure every locked message is distinct.

Your private conversations remain visible only to you and the person you're talking to.

Important Note: Account Recovery & Message History

Because your private key is protected by your password, there's a critical trade-off for this high level of security:

If you forget your password and need to recover your account (which usually involves resetting your password), you will lose access to your old private key.

  • Without the original private key (unlocked by your original password), your device cannot decrypt your past end-to-end encrypted messages.
  • This means your previous private message history will become permanently unreadable after an account recovery / password reset.
  • New messages sent and received *after* the recovery will use new keys and be readable.

Please keep your password safe and secure! Consider using a password manager.

What Isn't End-to-End Encrypted?

Remember, E2EE on SkiveCore is specifically for ensuring the privacy of your direct, private conversations. Features designed for broader visibility are not end-to-end encrypted in the same way. This includes:

  • Public Posts
  • Comments on Posts
  • Blog Posts and Comments
  • Video Comments
  • User Profiles (information you choose to make visible)
  • Group chats (future feature - specific encryption details TBD)

These types of content use standard security measures like HTTPS but are not protected by E2EE involving your personal private keys.