Encryption

Keys

Account key pair is the primary user account key pair.
PBKDF2 key is a key generated by using user password. It’s needed to encrypt the user account private key.
User device key pair is a key pair is generated and stored on the user device. Device private key can be used to encrypt the user account private key.
Client key pair is key pair to identify client app or website
Context key is a key to encrypt user data in the context.

Key Usage Analysis

The following are some rough sketches about what data is encrypted and how. It is not perfectly harmonized with the above “Sample Data”

framework-classes