Skip to main content

Managing Documents

Once documents are stored in the vault, you can view, download, and delete them through the vault interface. This guide covers all document management operations.

Viewing Documents

Document Groups

The vault displays documents in two groups:

  • Verified Documents: Documents attested by institutional verifiers. These appear with a verification badge.
  • Self-Attested Documents: Documents you uploaded yourself. These appear with a self-attested badge.

Within each group, documents are sorted by upload date, with the most recent documents first.

Document Details

Clicking on a document card shows additional information including document type, upload date, attestation type, and on-chain references.

Downloading Documents

To download a document to your device:

  1. Click the download action on the document card.
  2. Your wallet may prompt you to sign if your session has expired.
  3. The TEE fetches the encrypted file from IPFS, decrypts it, and sends the plaintext to your browser.
  4. Your browser's standard download dialog appears, allowing you to save the file.

Download Security

  • The decrypted file is transmitted from the TEE to your browser over TLS.
  • Once downloaded, the file is a standard unencrypted file on your device. Standard device security practices apply.
  • The TEE does not retain the decrypted file after delivery.

Deleting Documents

Soft Deletion

Deleting a document from the vault is a soft delete operation:

  1. Click the delete action on the document card.
  2. Confirm the deletion in the dialog that appears.
  3. The on-chain metadata is updated with a deletion flag.
  4. The IPFS file is scheduled for unpinning from Pinata.

What Deletion Does

ActionEffect
On-chain metadataMarked as deleted; historical record preserved
IPFS file (Pinata)Unpinned; will be garbage-collected by IPFS over time
Vault interfaceDocument no longer appears in your vault
Encryption keyNever stored; no key to delete

What Deletion Does NOT Do

  • Immediate IPFS removal: Unpinning a file from Pinata means Pinata stops hosting it. However, if other IPFS nodes have cached the file, the encrypted ciphertext may persist on those nodes until they garbage-collect it. Since the file is encrypted, this does not pose a confidentiality risk.
  • On-chain erasure: The historical record of the document's existence remains on-chain permanently. The deletion flag indicates the document was removed, but the metadata itself is immutable.

Permanent Deletion Considerations

Due to the nature of IPFS and blockchain storage, true permanent deletion is not possible in the traditional sense. However, the combination of IPFS unpinning and AES-256-GCM encryption ensures that:

  1. The encrypted file becomes progressively harder to access as IPFS nodes garbage-collect it.
  2. Even if the ciphertext persists somewhere on IPFS, it is unreadable without the encryption key, which can only be derived by the document owner's wallet inside the TEE.

Document Organization

Filtering

You can filter documents by:

  • Document type: Show only identity, financial, education, legal, or medical documents.
  • Attestation type: Show only verified or self-attested documents.

Sorting

Documents can be sorted by date or document type.