Every message stored in the Afterword vault is encrypted at the application layer before it reaches storage. We use AES-256-GCM: the same authenticated encryption standard used by governments and financial institutions.

GCM mode provides both confidentiality and integrity verification. Each encryption operation generates a unique 96-bit initialization vector (IV) and a 128-bit authentication tag, ensuring that even identical plaintext produces different ciphertext and that any tampering is immediately detected.

In addition to our application-level encryption, all objects stored on Exoscale SOS are encrypted at rest using S3 Server-Side Encryption (SSE-S3). This means your data has two independent layers of encryption: our AES-256-GCM cipher, wrapped in Exoscale's storage-level AES-256.

Transparency note: The current encryption key (VAULT_ENCRYPTION_KEY) is a server-managed secret stored in our deployment environment (Vercel). This means Afterword's infrastructure can technically decrypt vault contents.

This is encryption at rest with operator-managed keys: the same model used by most cloud storage providers. It protects against database breaches, stolen disks, and unauthorized infrastructure access. It does not constitute true end-to-end (E2E) zero-knowledge encryption, where only the user holds the decryption key.

Our commitment: We are working toward client-side key derivation, where encryption keys are derived from user credentials and never stored on our servers. Until then, our operational security controls ensure that no team member can access vault contents without a documented, auditable reason.

All user-generated content: text messages, voice recordings, video notes, and file attachments: is stored on Exoscale Simple Object Storage in the ch-dk-2 datacenter (Zurich, Switzerland). Exoscale is a European cloud provider headquartered in Switzerland.

Your vault data physically resides on Swiss soil and is subject exclusively to Swiss federal data protection law (FADP/DSG): one of the strictest privacy regimes in the world.

Account metadata (email addresses, recipient identifiers, protocol configuration) is stored in a Supabase PostgreSQL database hosted in the EU (Frankfurt). Message content is not stored in this database: it lives exclusively on Exoscale SOS in Switzerland.

This separation ensures that even if the metadata layer were compromised, the attacker would obtain only encrypted references: not the actual vault contents.

Files are organized in a deterministic hierarchy for forensic clarity and clean deletion:

vault/
  └── {userId}/
       └── recipients/
            └── recipient_{recipientId}/
                 ├── message.json.enc        ← encrypted message blob
                 ├── voice_notes/            ← audio recordings
                 ├── video_notes/            ← video recordings
                 └── attachments/            ← uploaded files

Afterword's database enforces Row-Level Security (RLS) with a closed-by-default posture. There are no public-facing database policies. All data operations pass through authenticated server-side API routes using the Supabase Service Role.

This means that even if an attacker discovered the database endpoint, they could not read, write, or modify any records without the service role credentials: which are never exposed to the client.

User identity is managed through Supabase Auth with support for:

• →Magic Links: passwordless email-based login
• →OTP (One-Time Password): 6-digit codes for session verification
• →Google OAuth: federated identity via Google
• →JWT sessions: short-lived, scoped to the authenticated domain

Media files (audio, video, images) are never served directly. Access requires a two-step authenticated flow:

1. 01Client sends an authenticated request to the API with their JWT
2. 02API generates a presigned URL valid for 60 seconds
3. 03Client fetches the media directly from Exoscale using the short-lived URL

After 60 seconds, the URL expires and cannot be reused or shared.

When a Pulse Check is missed, a 17-day escalating countdown begins. During this period, multiple warnings are sent to the vault owner. If unresolved, the vault breaches and the designated Keyholder is contacted to verify the owner's status.

If the owner does not respond and the Keyholder confirms their passing, the platform triggers the automated release of vault contents to designated recipients. This duration ensures a balance between urgency and preventing false alarms.

After a successful vault release, recipients have exactly 15 days to access the delivered content. After this window closes, access is aggressively revoked. 30 days later, Afterword permanently and irrecoverably erases all associated data from both Exoscale SOS and the metadata database. Unclaimed vaults are auto-shredded after 12 months.

This is not a soft delete. The data is destroyed: no backups are retained, no recovery is possible. This ensures that your legacy exists only for its intended recipients, for the intended duration.

Before any critical operation (sync, recovery, account modification), the system captures a point-in-time snapshot of the user profile. A rolling window of up to 50 snapshots is maintained per user, balancing forensic utility with storage efficiency.

These snapshots provide an audit trail that can be used to detect unauthorized modifications or to assist in account recovery scenarios.