What Cipher Does Not Do

Cipher Limitations and Boundaries

Cipher enforces a strict local and deterministic encryption model. However, there are key limitations and boundaries it does not — and will never — attempt to cover.

1. No Server-Side Backup or Recovery

Cipher is fully stateless. This means:

• If you lose your private key, public key, or structured channel, Cipher cannot help you recover anything.

• There is no backup, no recovery email, no password reset — you are solely responsible for the safe retention of your parameters.

• Cipher will never introduce a fallback system that compromises its stateless guarantees.

2. No Identity Verification

Cipher does not verify if the key pairs or channels you use correspond to a legitimate identity. The system:

• Does not validate the origin of a key or message.

• Does not authenticate external identities or entities.

Users must ensure their counterpart’s identity and key integrity themselves, using out-of-band verification or physical exchange.

3. No Message History or Logs

Cipher does not store, log, or even recognize message history. All messages are:

• Ephemeral by default

• Stateless on creation

• Non-traceable within the system

This also means: if you don’t save your ciphertext, it is permanently lost once the interface is closed or refreshed.

4. No Real-Time Communication Infrastructure

Cipher is not a messaging platform. It does not:

• Handle message delivery

• Provide chat UI or notifications

• Maintain stateful sessions

All communications must be routed manually through external channels.

5. No Guarantee Against User Negligence

Cipher is robust against cryptographic attacks, but not against human error. It cannot protect against:

• Users choosing weak or invalid structured channels

• Keys stored in insecure environments

• Failure to update or rotate keys when necessary

Cipher's guarantees end where user diligence fails.