# Who you are, what you say, and what you share - not even Luffa knows

Every feature on Luffa is built with the principle of being tamper-proof, surveillance-resistant, and user-sovereign.

| Dimension                 | Luffa                                                                                                                | Traditional Social Apps                                                                                             |
| ------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- |
| Account Creation          | Locally generated public-private key pair; user holds the private key; platform has no access or recovery mechanism. | Accounts managed via username/password; credentials stored on platform servers; password can be reset.              |
| Encryption Protocol       | End-to-end encryption (E2EE) using RSA + AES hybrid architecture; platform cannot decrypt messages.                  | Typically secured via TLS/HTTPS; server-side access allows message analysis, filtering, and algorithmic processing. |
| Message Readability       | No – All messages are encrypted on-device and transmitted in ciphertext; platform has zero visibility.               | Yes – Unencrypted content is accessible to the platform for ads, moderation, or analytics.                          |
| Content Moderation & Bans | Platform cannot view or moderate any content; all governance is managed by on-chain smart contracts and permissions. | Centralized moderation tools allow platforms to review, censor, or ban accounts and content as needed.              |
| Data Storage Location     | All data is stored locally on your device.                                                                           | Data is stored on centralized servers, enabling retention, retrieval, analysis, and reuse.                          |

<br>

Luffa has neither the technical capability nor any system backdoor that can access your data.

| Message Access                 | ❌ Only your local device can decrypt your messages - the platform has zero access.                   |
| ------------------------------ | ---------------------------------------------------------------------------------------------------- |
| Content Moderation & Filtering | ❌ No keyword filters or moderation tools - the platform cannot block, alter, or delete your content. |
| Identity Suspension & Recovery | ❌ Your identity is fully sovereign - the platform cannot reset, revoke, or recover it.               |
| Data Hosting & Logging         | ❌ No user data is stored on Luffa’s servers - there is nothing to fetch, track, or cache.            |