The Five-Link Proof Chain

How Enigma Works

No prior system cryptographically proves the right person was present at the moment of a confirmed request. Enigma solves this with a five-link proof chain.

The Problem No One Else Solves

Every health system can store your data. Some can encrypt it. A few can even audit who accessed it.

But none of them can prove that you — the actual biological person — were present and consenting at the exact moment your data was used. They verify passwords. They verify devices. They do not verify people.

The Five-Link Proof Chain

Every interaction with your data must pass through all five links. Break any link, and the request fails.

1

Enrollment

Nova is a real person

When you create your Enigma Biological ID (EBID), your biometric data — Face ID or fingerprint — binds your identity to your actual biology through Unifactor. This is not a password you can share or a device that can be stolen. This is you.

2

Identity

This EBID is Nova

Every access request proves this EBID belongs to you — not someone who stole your password, not someone who has your phone, not someone who knows your mother's maiden name. The system uses HMAC-SHA3-256 fingerprinting linked to your device key to verify identity continuously.

3

Consent

Nova personally authorized this

At the moment of every data request, you must biometrically re-authenticate. Not once during setup. Not once per session. Every single time. This proves you — the actual person — consciously authorized this specific action at this specific moment.

4

Request

Query answered on Nova's confirmed data

The query runs inside secure hardware enclaves with Signachain attestation. Your data never leaves your control — only the answer to the specific question you approved leaves the system. The researcher gets "yes, this patient qualifies" without ever seeing your full record.

5

Record

This happened and cannot be altered

Every action is cryptographically signed with ML-DSA-65 and timestamped per RFC 3161. The audit trail is tamper-proof forever. You can see exactly who asked what, when they asked it, and what answer they received. No one can edit this history. Not us. Not them. Not anyone.

Why This Matters

No hospital system, no genomics company, no health app can prove this chain. They can prove someone logged in. They cannot prove the right person was present at the moment data was accessed.

Enigma can. That is the difference.

Technical Guarantees

Quantum-Safe Encryption

ML-KEM-1024 and ML-DSA-87 protect your data against future quantum computing threats. NIST FIPS 203/204/205 compliant.

Zero-Knowledge Architecture

We cannot read your data. Ever. Even if compelled by law enforcement. Client-side encryption means we receive only ciphertext.

Biometric Binding via Unifactor

Your EBID is bound to your actual biology, not just a device or password. The person must be present.

Instant Revocation

Change your mind? Access is revoked in under 60 seconds. The system enforces your decision immediately.

Join the Waitlist

Questions? Contact us