Your Data , Your Keys
Zero-knowledge encryption for private fights
When you mark a fight as private, Fight Club encrypts every piece of content — topics, messages, documents, AI-generated summaries — with a key derived from your personal vault password. The server never stores your password and cannot read your encrypted data. Built on AES-256-GCM, quantum-resistant by NIST standards.
How It Works
What's Encrypted
| Data | Private Fight | Public Fight |
|---|---|---|
| Fight title & topic | Encrypted | Plaintext |
| All debate messages | Encrypted | Plaintext |
| Uploaded documents (PDF, images) | Encrypted | Plaintext |
| Extracted PDF text | Encrypted | Plaintext |
| Fighter personas & system prompts | Encrypted | Plaintext |
| AI-generated summaries | Encrypted | Plaintext |
| API keys (all providers) | Encrypted | Encrypted |
| RAG endpoint keys | Encrypted | Encrypted |
Architecture
Zero-Knowledge Design
Your vault password is never stored on the server — not even as a hash. We store only a random salt and an encrypted verifier (a known plaintext encrypted with your derived key). The server can verify your password is correct but cannot recover it or derive your vault key without it.
Session Management
When you unlock your vault, the derived key is encrypted with the server's master key and cached for 4 hours. After that, the vault auto-locks and you must re-enter your password. Running fights hold the key in memory for the fight duration.
File Encryption
Uploaded documents (PDFs, images) are encrypted on disk using AES-256-GCM with your vault key. The binary format prepends the IV and auth tag directly to the ciphertext — no hex encoding overhead. Files are decrypted only when served to the authenticated owner.
Server-Side Security
A separate server master key (AES-256, from environment variable) provides a second encryption layer for vault session keys at rest. All communication happens over HTTPS. CSRF protection and rate limiting are enforced on all API endpoints.
No Password Recovery
By design, there is no password recovery. If you forget your vault password, your encrypted fight content and API keys are permanently unrecoverable. You can reset your vault, which deletes all encrypted data and lets you start fresh — but the old data is gone forever. This is the tradeoff for true zero-knowledge security: nobody, not even us, can access your encrypted data without your password.
Quantum-Resistant by NIST Standards
Fight Club uses AES-256, which NIST classifies as quantum-resistant. While Grover's algorithm theoretically halves symmetric key strength against a quantum computer, AES-256 would still provide an effective 128-bit security level — far beyond what is computationally feasible.
Post-quantum threats primarily target asymmetric cryptography (RSA, ECDH, ECDSA) used in key exchange and digital signatures. Our vault uses only symmetric primitives — scrypt for key derivation and AES-256-GCM for authenticated encryption — both of which remain secure in a post-quantum world.
NIST's post-quantum standardization effort (FIPS 203/204/205) does not address symmetric encryption because AES-256 is already considered sufficient for the post-quantum era.
Technical Specifications
- Encryption Algorithm
- AES-256-GCM
- IV Length
- 12 bytes (random per operation)
- Auth Tag
- 16 bytes (tamper detection)
- Key Derivation
- scrypt (N=16384, r=8, p=1)
- Salt
- 32 bytes (random per user)
- Vault Key Size
- 256 bits (32 bytes)
- Session TTL
- 4 hours (auto-lock)
- Transport
- HTTPS (TLS 1.2+)
- Format (text)
- iv:authTag:ciphertext (hex)
- Format (files)
- IV‖authTag‖ciphertext (binary)
- Quantum Resistance
- AES-256 (NIST post-quantum safe)