How it Works

Encrypted at Rest

When you post on Gravity, it’s immediately encrypted so that only your friends can decrypt it. No one but them can even tell whom it’s to. It’s encrypted so well that all of your posts, messages, and other data are actually public—but only your friends can decrypt it, so to everyone else it looks like nonsense. Personal data breaches are impossible when all of the data is encrypted at rest and out there, safe, already.

You don’t have to trust us, or anyone, to keep your data safe; it’s already protected.

peer to peer

Gravity is built on IPFS, the InterPlanetary File System, where what matters is the data itself instead of the location it’s stored. When your friend tries to see your posts, all that matters is that someone, somewhere on the internet, is storing your (encrypted) data. No more needing Facebook’s servers to be online to get your own data. As long as someone out there has it, your friend’s device can decrypt it, verify that you sent it, and show your post.

It doesn’t matter who is storing the data, and you don’t have to trust them, unlike how having an @gmail.com account means you’re stuck with Google reading all of your mail.

whitepaper & source code

For all the details about how that’s possible and why it’s secure, check out the first draft of our whitepaper and the open source protocol everything is built on.