The modern Internet is no longer a space of freedom.
Today it’s a network of surveillance built on the collection and monetization of user data.
Sekura is being created as a technological alternative: a private infrastructure where the user owns their data and decides who can access it — and when.

The Problem: Privacy as an Illusion

Most online services promise security, but in reality they control user data — storing it in centralized databases, indexing it, and using it for profiling.
Even encrypted messengers and “cloud” platforms often contain hidden mechanisms of identification.
Privacy on today’s Internet is not a technical guarantee but a matter of trust.
Sekura proposes to change the very structure of trust.

Sekura Architecture

Sekura is not just a set of libraries or apps.
It is a data storage and exchange system built on the principle of self-defined keys and context.

Every entity in Sekura has a unique Key based on UUIDv7 — a standard that combines a timestamp with cryptographic entropy. This enables deterministic addressing of objects without a central registry.

Storage is organized around the following ideas:

  • Isolated context spaces
    Objects are not stored in a global database but in contexts defined by the key of the owner or application.

  • Object-type-based cryptographic encryption
    Each object is encrypted individually using derived keys (crypto_kdf_derive_from_key), which prevents leaks between spaces.

  • Local authority (localAuthor_)
    A device is its own root of trust — it generates and stores its cryptographic material without sharing it with the network.

  • Semantic types (STORAGE_KEYS, STORAGE_OBJECTS, STORAGE_SETTINGS)
    These types determine how an object is processed, encrypted, and replicated.

Cryptographic Tools (libsodium)

Sekura uses proven primitives from libsodium — an industry-standard library for secure cryptography.

Key components:

  • 🔒 crypto_secretbox_easy() / crypto_secretbox_open_easy()
    Authenticated symmetric encryption (AES-GCM equivalent) based on XSalsa20-Poly1305.
    Used to encrypt object values (Storage::CryptValue).

  • 🧩 crypto_kdf_derive_from_key()
    Generates derived keys from the device’s root master key.
    Enables independent keys for different data spaces without exposing the original key.

  • 🧠 crypto_generichash() (BLAKE2b)
    Used for generating short identifiers and deterministic context hashes.
    Applied during key creation, UUID generation, and object addressing.

  • 🔑 crypto_sign_* (Ed25519)
    Provides digital signatures within localAuthor_.
    Ensures data authenticity and prevents tampering.

  • 🎲 randombytes_buf()
    Source of cryptographically secure randomness — used for UUIDv7 and symmetric keys.

Core principle:
Sekura has no “universal” key. Every object is encrypted with its own derived key, computed deterministically from context and ownership. Even if one data segment is compromised, mass decryption is impossible.

The Philosophy of Privacy

Sekura is based on the idea that privacy is not a feature — it is the state of the system.
It is not layered on top of a service — it is built into the architecture.

In Sekura, there is no “user of the system.”
There is a system that belongs to the user.

That means:

  • No centralized authentication
  • No external identifiers (phone, email)
  • No tracking, cookies, or fingerprinting
  • Each node is autonomous yet interoperable through open protocols

Sekura as a Product

Sekura is a platform for building private IDEs, apps, and storage systems.
It provides a low-level API for:

  • managing entities and keys (EntityModel, EntityFilterModel),
  • cryptographic encryption/decryption (Storage::CryptValue),
  • contextual filtering and data routing.

The codebase is written in C++, uses libsodium, and is designed for readability and minimal dependence on external systems.

The Future: An Autonomous Network of Trust

Sekura is a step toward decentralized identity, where data never leaves the user.
The system is evolving toward autonomous synchronization and peer-to-peer routing, allowing nodes to exchange encrypted data without intermediaries.

Privacy stops being a product.
It becomes the foundation of interaction.

About the Project

More details are available in the Sekura Manifest:
https://sekura.world/posts/sekura-manifest/

It describes the philosophy and technical principles of the project.