Privacy is not a feature added later. At Yend it is the architecture itself. The five sections below explain the conceptual decisions that form the foundation of our products — at the principle level, not technical parameters.
Yend's brand-specific data protection scheme, EPC-256, adds a secret 256-emoji permutation alphabet derived from the user's key on top of industry-standard AES-256-GCM encryption. Each record first passes through authenticated AES-256-GCM encryption, then is encoded with this private emoji alphabet.
The advantage of this approach: because the initialization vector changes on every encryption operation, the same plaintext turns into a different emoji pattern each time. Statistical pattern analysis is practically useless; even if the database leaks, an attacker without the key sees only emoji ciphertext.
The vault key is derived from the user's master password through a modern key-hardening derivation flow. The master password is never stored as-is, never logged, and never transmitted.
The derived key exists only while the vault is active, and only in a limited memory area. No read or write operation is possible on a locked vault; at the end of the session the key material is wiped from memory.
Yend's query architecture does not use the 'decrypt and compare' approach. For critical fields like phone numbers and usernames, a blind-index structure is built that finds matches without needing plaintext.
This lets everyday functions like operational search, membership checks and uniqueness validation run without sensitive data ever being exposed.
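One way to build a blind index of the kind described above, shown as an added example and not Yend's own code. It assumes HMAC-SHA-256 as the keyed function and a simple normalisation step; the page does not state which construction Yend uses, and the names `INDEX_KEY`, `blind_index` and `Directory` are hypothetical.

```python
import hashlib
import hmac
import unicodedata

# Constructed demo key. Assumption: the index key is distinct from the
# record-encryption key and is held outside the database.
INDEX_KEY = hashlib.sha256(b"constructed demo index key").digest()

def normalize(field: str, value: str) -> str:
    """Canonicalise so equivalent inputs map to the same token."""
    if field == "phone":
        digits = "".join(ch for ch in value if ch.isascii() and ch.isdigit())
        return "+" + digits
    return unicodedata.normalize("NFKC", value).strip().casefold()

def blind_index(key: bytes, field: str, value: str) -> str:
    """Keyed, deterministic token. The field name is bound in so the same
    string in two different columns never yields the same token."""
    msg = field.encode() + b"\x00" + normalize(field, value).encode("utf-8")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class Directory:
    """Application-side helper. `rows` stands in for the database table,
    which only ever receives tokens and opaque ciphertext."""
    def __init__(self, key: bytes):
        self._key = key
        self.rows = {}  # (field, token) -> opaque ciphertext blob

    def insert(self, field: str, value: str, ciphertext: bytes) -> bool:
        slot = (field, blind_index(self._key, field, value))
        if slot in self.rows:  # uniqueness validation without decrypting
            return False
        self.rows[slot] = ciphertext
        return True

    def exists(self, field: str, value: str) -> bool:
        return (field, blind_index(self._key, field, value)) in self.rows

    def dump(self) -> str:
        """What a leaked backup of the table would contain."""
        return repr(self.rows)

# Deterministic tokens reveal which rows share a value, and a low-entropy
# field such as a phone number can be enumerated by anyone holding the key,
# so the index key needs the same protection as the encryption key.
```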
Traditional 'encrypted storage' approaches are ineffective when the key and data live on the same system. At Yend, the key material resides in a vault layer logically and physically separate from the database.
Even if a database backup leaks, an attacker sees only emoji patterns: no plaintext, no key, and no metadata that would help derive either.
Yend avoids exaggerated security claims. We share our approach transparently and openly note any gaps or areas that can be improved.
We make no absolute claims such as 'full zero-knowledge transport' until a capability is proven. As the architecture matures, relevant updates will be published on this page.
For any security questions or feedback, feel free to get in touch.