đUser-Owned AI
Last updated
Last updated
Coretex supports User-owned AI through multiple layers of end-to-end encryption which guarantees that no one except the user can read that data - not even the ones with access to Coretex servers. This is achieved by using multiple military-grade encryption techniques and SOTA (state-of-the-art) algorithms for encryption.
To fully show the power of User-Owned AI on Coretex we will go through multiple steps on how to make sure that everything is safely encrypted:
Setting up the Master key which will be used for encryption
Creating encrypted Project
Using Coretex Secrets to store sensitive data
Authorizing Node to access encrypting data by using end-to-end encryption
This is a tutorial about how to use Coretex encryption features. If you need a technical documentation about how Coretex implements encryption protocols visit this page.
Setting up the Master key is as simple as entering a secret (similar to password) which is used to initialize the Master key.
First time you enter a Master key a private and a public part of the key will be initialized. Public part of the key will be submitted to Coretex so it can perform the validation to make sure that the next time you enter your Master key it is correctly entered. Private part of the key is kept fully secure and it never leaves the user's PC.
You can verify that the private part of the Master key never leaves the user's PC by inspecting the outgoing network traffic of the browser.
Public part of the key is used for encrypting data, whilst private part of the key is used for decrypting data, thus making sure that the user is the only one who can read the encrypted data.
Now that you've successfully initialized your Master Key you can move onto creating an encrypted Project. Creating an encrypted Project is just a matter of pressing the "Encrypted" toggle during the Project creation and if your Master key was initialized that's it, you'll be able to create your first encrypted project.
It is not possible to create encrypted Project if you do not have a Master key initialized.
Sometimes running some Workflows requires providing sensitive data as parameters (ex. database credentials, aws s3 access token, etc...). Coretex provides a way of storing this data securly by encrypting it using your Master key, yet allowing the usage of this data through Workflow parameters.
To create a Coretex Secret press on your user icon in top right corner of the Coretex and select "Secrets" in the popup which appears. This will take you to Coretex Secrets page from which the Secrets can be created and previewed.
There are multiple types of secrets supported by Coretex:
Credentials (ex. database, accounts, etc...)
AWS (ex. s3 access token)
Git (access token)
It is not possible to create Coretex Secret if you do not have a Master key initialized.
Since the user is the only one with knowledge of the decryption key used to decrypt encrypted data a question arises on how can you execute Workflows inside of an encrypted Project without making your encryption key known to Coretex.
There are 2 components to authorizing Node:
Node can also have its own Master key set
If a Node has Master key set then a key used to encrypt and decrypt Project data can be shared between the Node and the user - this is known as Node Authorization on Coretex
Node's Master key can be set during Node configuration. If you want to authorize a Node to access your Project (or any other Coretex Secret) all you have to do is open that Node on Coretex and press "Authorize Node" button. This will open a prompt asking you which Secret should be shared with the Node.
Only trusted Nodes should be authorized to access encrypted data.
It is not possible to create Coretex Secret if you do not have a Master key initialized.
That's it! Now you know everything there is about protecting your data by using state-of-the-art encryptiong algorithms on Coretex.