# CryptoProto — Full Documentation > Decentralized content ownership powered by cryptography, not contracts. ## Overview CryptoProto is a decentralized content ownership protocol. It encrypts digital content with AES-256-GCM, stores the encrypted ciphertext permanently on Arweave (a decentralized storage network where data cannot be altered or deleted), and uses Solana NFTs as cryptographic proofs of ownership that gate access to the decryption keys. The system operates without platforms, subscriptions, or middlemen. Ownership is verified on-chain in real time, and access rights transfer automatically when the NFT changes hands. ## Architecture ### Encryption Layer - Algorithm: AES-256-GCM (authenticated encryption) - Content is encrypted client-side before upload - Each piece of content gets a unique encryption key - The encrypted file (ciphertext) is stored permanently on Arweave ### Storage Layer — Arweave - Decentralized permanent storage network - Data is replicated across the network and cannot be altered or deleted - Ciphertext lives on the blockchain forever - Content is addressed by transaction ID ### Ownership Layer — Solana NFTs - NFTs serve as cryptographic proofs of ownership - Each NFT corresponds to a specific piece of encrypted content - Ownership is verifiable on-chain by anyone - NFTs can be transferred, sold, or gifted on any compatible marketplace - Access rights move automatically with the token — no admin panels, no support tickets ### Key Escrow — Cloudflare Workers - Decryption keys are stored in a key escrow service - Runs as Cloudflare Workers distributed across 300+ points of presence worldwide - Keys are encrypted at rest - Challenge nonces expire automatically - Zero servers, zero configuration required ### Verification Flow 1. Viewer requests access to encrypted content 2. The escrow issues a cryptographic challenge (nonce) 3. Viewer signs the challenge with their Solana wallet 4. Escrow verifies the signature 5. Escrow confirms NFT ownership on-chain via Helius DAS API 6. Verification happens in real time against actual blockchain state 7. Upon successful verification, the decryption key is released 8. Viewer decrypts content client-side ## NFT Philosophy CryptoProto uses NFTs as functional infrastructure, not collectibles or speculative assets: - **Vehicle, not gallery**: An NFT is a digital device for verifying ownership. It can represent a license, subscription, file access, or any form of digital ownership. - **Transferable**: Because ownership lives on-chain, it can be transferred to someone else, sold on any compatible marketplace, or gifted — access rights move automatically. - **Utility over hype**: The token gates access. The blockchain enforces it. No floor prices, no collections to flip. Just ownership that works. ## MCP Integration CryptoProto is MCP-native (Model Context Protocol). AI agents can interact with the full protocol through seven composable tool calls: ### Tool Calls 1. **encrypt(file, key)** Encrypts content with AES-256-GCM using the provided key. 2. **upload(ciphertext)** Uploads encrypted ciphertext to Arweave for permanent storage. Returns a transaction ID. 3. **mint(nft, metadata)** Mints an NFT on Solana with the provided metadata, linking it to the encrypted content. 4. **register(key)** Registers the decryption key with the key escrow service, associated with the NFT. 5. **challenge(wallet)** Issues a cryptographic challenge to a wallet address for ownership verification. 6. **verify(signature, nft)** Verifies the wallet signature and confirms NFT ownership on-chain. 7. **decrypt(ciphertext, key)** Decrypts content using the provided key after successful verification. ### Agent Workflow An AI agent can go from plaintext to NFT-gated permanence in a single sequence: encrypt → upload → mint → register (creator flow) challenge → verify → decrypt (access flow) ## Security Model - Content is encrypted before it leaves the client - Decryption keys never leave the escrow without cryptographic proof of ownership - The encrypted file never leaves Arweave - All verification happens against live on-chain state - Challenge nonces are single-use and time-limited - Keys are encrypted at rest in the escrow - No central authority can revoke access — ownership is enforced by the blockchain ## Technical Stack - **Encryption**: AES-256-GCM - **Storage**: Arweave (permanent, decentralized) - **Blockchain**: Solana (NFTs, ownership verification) - **Ownership API**: Helius DAS API (on-chain state) - **Key Escrow**: Cloudflare Workers (300+ edge locations) - **Agent Protocol**: MCP (Model Context Protocol) ## The Model Creators encrypt once. Owners access forever. The key never leaves the escrow without proof. The file never leaves Arweave at all. This is ownership built on cryptography instead of contracts. ## Site Map - `/` — Marketing landing page. - `/docs` — Documentation: overview, architecture, getting started, tool reference (signatures + params + examples), escrow REST API (`POST /challenge`, `POST /verify`, `POST /release`), security model, FAQ. All sections have stable anchor IDs (`#overview`, `#tools-encrypt`, etc.). - `/tools` — Install hub. JSON config snippets for Claude Desktop, Cursor, and Claude Code (with a placeholder `` for the MCP server `command`/`args` until the package is published). Lists supported runtimes (Node 20+, Bun 1.1+) and the seven tools at a glance. - `/about` — Long-form rationale: the ownership problem, why cryptography over contracts, why Arweave + Solana + MCP, and what ships in v1. Project block credits Joey Janisheck; status `v0.1.0-alpha`, MIT license. No public repo, npm package, or contact links yet. ## Links - Website: https://cryptoproto.com