🏠 Overview 🧩 Components 🧩 Encryption Service

Encryption Service

Component Detail

Service Layer high complexity mobilebackend
1
Dependencies
2
Dependents
2
Entities
0
Integrations

Description

Implements asymmetric end-to-end encryption using the peer mentor's public/private keypair, with the private key stored exclusively in the device secure enclave via flutter_secure_storage. Encrypts content with the recipient's public key on the backend before storage; decryption occurs on-device only - plaintext is never persisted or transmitted.

Feature: Encrypted Assignment Dispatch

encryption-service

Responsibilities

  • Generate keypair on device first launch and store private key in flutter_secure_storage
  • Upload and cache the peer mentor's public key to the backend
  • Encrypt assignment content with recipient public key before database write
  • Decrypt assignment content on-device using the private key from secure enclave
  • Ensure plaintext is never written to disk or included in any API response

Interfaces

generateKeypair() -> KeyPair
getPublicKey(userId) -> PublicKey
encryptContent(plaintext, publicKey) -> EncryptedBlob
decryptContent(encryptedBlob) -> PlainContent
hasKeypair() -> bool

Relationships

Dependencies (1)

Components this component depends on

infrastructure Secure Key Store

Dependents (2)

Components that depend on this component

ui Assignment Detail Screen service Assignment Dispatch Service

Related Data Entities (2)

Data entities managed by this component

Assignment 19 fields core Audit Log 17 fields audit