Who you are, what you say, and what you share - not even Luffa knows

Every feature on Luffa is built with the principle of being tamper-proof, surveillance-resistant, and user-sovereign.

Dimension

Luffa

Traditional Social Apps

Account Creation

Locally generated public-private key pair; user holds the private key; platform has no access or recovery mechanism.

Accounts managed via username/password; credentials stored on platform servers; password can be reset.

Encryption Protocol

End-to-end encryption (E2EE) using RSA + AES hybrid architecture; platform cannot decrypt messages.

Typically secured via TLS/HTTPS; server-side access allows message analysis, filtering, and algorithmic processing.

Message Readability

No – All messages are encrypted on-device and transmitted in ciphertext; platform has zero visibility.

Yes – Unencrypted content is accessible to the platform for ads, moderation, or analytics.

Content Moderation & Bans

Platform cannot view or moderate any content; all governance is managed by on-chain smart contracts and permissions.

Centralized moderation tools allow platforms to review, censor, or ban accounts and content as needed.

Data Storage Location

All data is stored locally on your device.

Data is stored on centralized servers, enabling retention, retrieval, analysis, and reuse.

Luffa has neither the technical capability nor any system backdoor that can access your data.

Message Access

❌ Only your local device can decrypt your messages - the platform has zero access.

Content Moderation & Filtering

❌ No keyword filters or moderation tools - the platform cannot block, alter, or delete your content.

Identity Suspension & Recovery

❌ Your identity is fully sovereign - the platform cannot reset, revoke, or recover it.

Data Hosting & Logging

❌ No user data is stored on Luffa’s servers - there is nothing to fetch, track, or cache.

PreviousWhy Choose Luffa?NextA truly decentralized, sovereign Web3 communication experience

Last updated