> For the complete documentation index, see [llms.txt](https://cryptic-documentation.gitbook.io/cryptic-documentation/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cryptic-documentation.gitbook.io/cryptic-documentation/frequently-asked-questions/security-and-cryptography.md). # Security & Cryptography #### What kind of encryption does Cryptic use? Cryptic uses modern post-quantum cryptography as part of its secure communication and cryptographic identity stack. This includes: * **ML-KEM-768 / Kyber** for post-quantum key encapsulation and shared secret establishment * **ML-DSA / Dilithium** for post-quantum digital signatures, identity verification, invite flows, and protocol-level verification * **Classical cryptographic primitives** where appropriate for compatibility, authentication, message encryption, and hybrid security models Cryptic’s goal is to protect secure communication, cryptographic identity, encrypted data transfer, invite flows, and protocol-level verification against long-term quantum risk. *** #### Why is post-quantum cryptography important? Many widely used encryption systems face long-term risk from sufficiently powerful quantum computers. This matters because sensitive data can be collected today and attacked later if the underlying cryptography becomes vulnerable in the future. Cryptic is built with post-quantum security as a core design principle, not as a later add-on. The goal is simple: long-lived communication, identity, financial context, and encrypted data should be protected by infrastructure designed for the next security era. *** #### Are communications end-to-end encrypted? Cryptic is designed to support encrypted direct communication and group communication across its product stack. Communication content is encrypted so that intended participants can access it, depending on the specific product surface, feature, and implementation path. As Cryptic continues to evolve across Mobile, Desktop, and SDK infrastructure, additional protocol upgrades may be added over time, including stronger forward secrecy, key transparency, and metadata-reduction improvements. *** #### Does Cryptic collect metadata? Cryptic is designed to minimize unnecessary metadata exposure and avoid centralized custody of user keys or communication content. Some operational metadata may still be required for service delivery. This may include routing, timestamps, delivery status, account state, or network activity, depending on the product surface and feature being used. Cryptic’s roadmap includes further privacy and security hardening to reduce metadata exposure over time. *** ### Wallet & Payments #### Is Cryptic custodial? No. Cryptic is designed around non-custodial wallet functionality and user-controlled key material. Where non-custodial wallet flows are used, users remain in control of their assets, wallet actions, approvals, and identity. Cryptic is not designed around taking custody of user private keys. *** #### Where are private keys stored? Cryptic uses platform-native secure storage where supported. On mobile, this may include: * **iOS Keychain / Secure Enclave** where supported * **Android Keystore / StrongBox / TEE-backed protection** where supported On Desktop and SDK-based integrations, secure storage may vary depending on platform, deployment model, and implementation. Cryptic’s key management approach is designed to preserve user control while making secure access practical across Mobile, Desktop, and future SDK-based workflows. *** #### Can I send crypto inside Cryptic? Yes, where enabled. Cryptic supports crypto-native payment coordination and wallet-based payment flows inside secure communication environments. The goal is to let users move from communication to payment without constantly switching apps or manually copying wallet addresses. Users can coordinate, review, approve, and confirm supported wallet or payment actions through the Cryptic experience. *** #### Which blockchains does Cryptic support? Cryptic uses Solana infrastructure for fast, low-cost transaction activity across supported product surfaces. The mobile app also includes multichain wallet support, and the broader architecture is designed to support additional networks and integrations over time. Cryptic’s approach is practical: strengthen communication, identity, and coordination with post-quantum security while remaining compatible with the blockchain networks users already rely on. *** #### Does Cryptic support DeFi features? Yes. Cryptic Desktop is designed to support crypto-native financial workflows inside one secure workspace. Supported and planned workflows may include: * Token swaps * Lending and borrowing * Wallet activity * Payment coordination * Privacy-focused transaction flows where available * Encrypted storage and vault workflows * Confidential AI workflows * Ecosystem integrations Cryptic Desktop is designed to reduce the need to move between communication tools, wallets, DEX interfaces, lending dashboards, storage platforms, and AI tools. The goal is to bring secure communication, wallet actions, DeFi workflows, encrypted data, and Private AI closer together through one cryptographic identity layer. *** --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://cryptic-documentation.gitbook.io/cryptic-documentation/frequently-asked-questions/security-and-cryptography.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.