Skip to content
GolemDrive Docs

Understanding Encryption

You’ve probably seen the word “encrypted” a lot around GolemDrive. Here’s what it actually means for you, without any technical jargon.

The locked box analogy

Section titled “The locked box analogy”

Imagine you want to mail a valuable item to a friend. Instead of just putting it in a box and hoping nobody opens it along the way, you:

  1. Put the item in a steel lockbox
  2. Lock it with a key that only you have
  3. Mail the locked box

The postal service carries the box, but they can’t open it. If someone steals the box off the truck, they can’t open it either. Only someone with the right key can get inside.

That’s exactly how GolemDrive works with your files.

What happens when you upload

Section titled “What happens when you upload”

When you upload a file to GolemDrive, here’s what takes place:

  1. On your device, your file gets scrambled using a secret key. The scrambled version looks like random nonsense to anyone who doesn’t have the key.
  2. The scrambled file travels to our servers over the internet. Even if someone intercepted it along the way, they’d just see gibberish.
  3. Our servers store the scrambled file. That’s all they ever see — scrambled data.

The key that locks and unlocks your files exists only on your device. We never see it. We never store it. We can’t ask for it.

What happens when you download

Section titled “What happens when you download”

When you want to open one of your files:

  1. The scrambled file is sent back to your device
  2. Your device unscrambles it using your key
  3. You see the original file, exactly as you uploaded it

This all happens automatically in the background. You just click a file and it opens — the encryption and decryption are invisible to you.

Why this matters

Section titled “Why this matters”

Most cloud storage companies — Google Drive, Dropbox, OneDrive — encrypt your files on their servers, using their keys. That means:

  • The company can technically read your files
  • If the company gets hacked, attackers could potentially access your files
  • If a government asks the company for your files, the company can hand them over

With GolemDrive, none of that applies. Because the encryption happens on your device with your key:

  • GolemDrive employees cannot read your files — we literally don’t have the ability to
  • If our servers were hacked, attackers would only get scrambled data they can’t decode
  • If anyone asks us for your files, we can’t hand over readable versions because we don’t have them

The trade-off

Section titled “The trade-off”

This level of privacy comes with one important trade-off: we can’t help you recover your files if you lose access to your account.

Since we don’t hold your keys, we can’t decrypt your files for you. That’s why your recovery phrase is so critical — it’s your backup plan for getting your keys back if something goes wrong.

The bottom line

Section titled “The bottom line”

With GolemDrive, your privacy isn’t based on a company policy or a promise. It’s built into the math. Your files are locked before they leave your device, and only you hold the key. That’s what makes it different.