security
Private means link-locked.
Private content is encrypted in your browser before upload. The private link contains the secret required to read it. The server stores encrypted content only.
What is public
The public link shows the card fields agents need: status, boundaries, allowed actions, ask-first rules, public resources, JSON, Markdown, schemas, and the public request key.
What is private
The private link opens locked notes and inbox notes. Signing in proves account identity, but it does not unlock locked content. If you lose the private link, locked content is unrecoverable.
Creating cards
- Public-only cards need no private link. Agents read the public URL only.
- Cards with a private note or inbox need a private link at creation. Copy it from the edit page while your browser still has the key — we cannot restore it later.
- Inbox and private-note sections cannot be added after the card is created in v1.
How to verify
1. Open browser DevTools, then open the Network tab.
2. Create or edit a card with a unique private note, for example purple elephant private test.
3. Inspect the request to /api/cards.
4. Confirm the private phrase is not present in the request body.
5. Confirm the request contains only the encrypted private blob: ciphertext, nonce, and algorithm.
6. Open the public link and confirm locked content is unavailable; open the private link and confirm it decrypts in the browser.
Stored private format
The server accepts one encrypted shape for private card fields. The secret key is not in this object; it is carried by the private link fragment as #key=....
{
  "encryptedPrivateBlob": {
    "algorithm": "aes-gcm-v1",
    "ciphertext": "base64url(AES-GCM ciphertext and tag)",
    "nonce": "base64url(12 random bytes)"
  }
}
No back door
Operators can see operational metadata needed to run the service. They cannot read locked card content or inbox notes unless they have the private link secret.
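Steps 4 and 5 under "How to verify" can be scripted against a request body copied from the Network tab. The JavaScript (Node.js) below is an added example, not the service's own code; it assumes the /api/cards body is JSON carrying encryptedPrivateBlob at the top level as in the stored format, and that the GCM tag is 16 bytes. The sample bodies, including their status, privateNote and key fields, are constructed.

```javascript
const B64URL = /^[A-Za-z0-9_-]+$/;

// Decode unpadded base64url to bytes; returns null on invalid input.
function decodeB64url(s) {
  if (typeof s !== "string" || !B64URL.test(s)) return null;
  return Buffer.from(s.replace(/-/g, "+").replace(/_/g, "/"), "base64");
}

// Returns a list of problems; an empty list means the body matches the page's shape.
function checkCardsRequest(bodyText, privatePhrase) {
  const problems = [];
  // Step 4: the plaintext phrase must not appear anywhere in the body.
  if (bodyText.toLowerCase().includes(privatePhrase.toLowerCase())) {
    problems.push("plaintext phrase present in request body");
  }
  let body;
  try { body = JSON.parse(bodyText); } catch { return [...problems, "body is not JSON"]; }
  const blob = body && body.encryptedPrivateBlob;
  if (!blob || typeof blob !== "object") return [...problems, "encryptedPrivateBlob missing"];
  // Step 5: only ciphertext, nonce and algorithm; the key stays in the link fragment.
  const extra = Object.keys(blob).filter(k => !["algorithm", "ciphertext", "nonce"].includes(k));
  if (extra.length) problems.push("unexpected blob fields: " + extra.join(","));
  if (blob.algorithm !== "aes-gcm-v1") problems.push("unexpected algorithm");
  const nonce = decodeB64url(blob.nonce);
  if (!nonce || nonce.length !== 12) problems.push("nonce is not 12 bytes of base64url");
  const ct = decodeB64url(blob.ciphertext);
  // Assumption: 16-byte GCM tag, so ciphertext plus tag is never shorter than 16 bytes.
  if (!ct || ct.length < 16) problems.push("ciphertext too short for a GCM tag");
  return problems;
}

// Constructed samples: fixed filler bytes stand in for real ciphertext and nonce.
const toB64url = b => b.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const goodBody = JSON.stringify({ status: "open", encryptedPrivateBlob: {
  algorithm: "aes-gcm-v1",
  ciphertext: toB64url(Buffer.alloc(40, 7)),
  nonce: toB64url(Buffer.alloc(12, 1)) } });
const leakyBody = JSON.stringify({ privateNote: "purple elephant private test",
  encryptedPrivateBlob: { algorithm: "aes-gcm-v1", key: "AAAA",
    ciphertext: toB64url(Buffer.alloc(40, 7)), nonce: toB64url(Buffer.alloc(8, 1)) } });
console.log(checkCardsRequest(goodBody, "purple elephant private test"));
console.log(checkCardsRequest(leakyBody, "purple elephant private test"));
```

A passing check shows only that the request has the documented shape; that the private link actually decrypts the content is still confirmed by step 6.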