Architecture
The Fynlink Application Security Architecture
The Fynlink Application Encryption Architecture
We use a similar encryption architecture which is battle tested & used widely in many end-to-end encrypted applications currently.
Your link data including short URL, target URL, tags, title & notes are end-to-end encrypted with Fynlink. Meaning, they are encrypted on your device before being sent to our servers. This ensures that only you can access your data. We can't read your data, even if we wanted to.
Encryption Fundamentals
- Master Key: When you sign up for Fynlink, your browser client will generate a
masterKey
for you. This never leaves your device unencrypted. - Key encryption key: A
keyEncryptionKey
is derived from your password and this will never leave your device.
Application Flow
- Registration: During registration, your
masterKey
is encrypted with yourkeyEncryptionKey
and the resultantencryptedMasterKey
is sent to our servers. - Login: During login, when you enter the password, the
keyEncryptionKey
is derived from it. After successful login, our servers give you back theencryptedMasterKey
. ThemasterKey
will be derived by decrypting theencryptedMasterKey
with thekeyEncryptionKey
.
Only you can derive the keyEncryptionKey
as only you know the password. Since only you can derive the keyEncryptionKey
, only you have access to the masterKey
.
Link Encryption Fundamentals
Key pairs are generated for User & Team. This generates a publicKey
and privateKey
pair. The publicKey
can be used to encrypt, while you will need the privateKey
for decryption.
- User Key pairs: A key pair is generated for you when you register. The
userPublicKey
is stored on our servers as plain text and theuserPrivateKey
never leaves your device unencrypted. TheuserPrivateKey
is encrypted with themasterKey
and stored in our servers. - Team Key pairs: When you create a team, a key pair is generated for your team. The
teamPrivateKey
is encrypted with youruserPublicKey
and stored in our servers. TheteamPublicKey
is stored as plain text on our servers. - Link key: A random
linkKey
is generated for each link you create. This key is used to encrypt the link data. It never leaves your device unencrypted, and is encrypted with theteamPublicKey
and is sent to our servers.
Link Creation Flow
- When you create a link, the short URL, target URL, tags, title & notes are encrypted with a randomly generated
linkKey
. - The
linkKey
is then encrypted with theteamPublicKey
of the team. - We will also create a hash (non-reversible) of the short URL & the target URL will be encrypted with a key derived from the actual short URL itself. These values are further encrypted with a searchable field-level database encryption system for further security.
- All the above-encrypted data is then pushed to our server for storage.
Viewing A Link
- When you view a link in the application, the encrypted link data along with
encryptedLinkKey
is fetched from our servers. - The
encryptedUserPrivateKey
andencryptedTeamPrivateKey
are also fetched from our servers. - The
userPrivateKey
is obtained by decryptingencryptedUserPrivateKey
with themasterKey
. - The
teamPrivateKey
is obtained by decryptingencryptedTeamPrivateKey
with theuserPrivateKey
. - The
linkKey
is obtained by decryptingencryptedLinkKey
with theteamPrivateKey
. - Finally, the link data is decrypted with the
linkKey
and displayed to you.
Redirection Of Short URL
- When someone clicks on the short URL, our redirection service will search for the hash of the short URL in the database. (Remember, the hash field is already encrypted in the database, so a direct search is not possible. This is where the searchable field-level encryption system comes into play)
- If a match is found, the encrypted
targetURL
is fetched from the database along with itsmetadata
. - The
metadata
is mainly different ids likelinkId
,teamId
,userId
etc. - An
decryptionKey
will be derived from the actualshortURL
and will decrypt thetargetURL
. - If metrics is enabled for the link, all the header information will be passed to the metrics service, through a queue.
- The metrics queue will aggregate all the data for a short period (upto 20 sec), which can have multiple link clicks data across a wide range of links and send to metrics service, process it, & store the absolute essential data like country code, browser, referral host, device type along with
metadata
. We do not store user IP address, nor the user agent string. All the click metrics from the aggregated queue will have exactly same timestamp, this is by purpose. The timestamp can be anywhere +/- 20 sec from the actual click time. - The
shortURL
hash & encryptedtargetURL
will be cached in a key value store for a short duration (minimum 6 hours, or for the expiry time set, whichever is lesser) for faster access next time. - The user will be redirected to the target URL.
Implementation Details
We mainly depends on the high level APIs exposed by the awesome libsodium library. We also use searchable field-level database encryption for several fields with the help of Ciphersweet. Any personally identifiable information or other sensitive information's stored in the database are encrypted using the AES-256-CBC algorithm. This is apart from the standard encryption available at rest (EAR) and during transit (EIT) for the data.
Key Generation
crypto_secretbox_keygen is used for generating all random keys within the Fynlink application.masterKey
, recoveryKey
, linkKey
are all 256-bit keys generated with this API.
Salt & Nonce Generation
randombytes_buf is used to generate a new salt
or nonce
every time data needs to be encrypted.
Key Pair Generation
crypto_box_keypair is used for generating key pairs. The key pairs userPublicKey
, userPrivateKey
and teamPublicKey
, teamPrivateKey
are generated using this API.
Key Derivation
crypto_pwhash is used to derive the keyEncryptionKey
from your password. Under the hood it uses Argon2id, which is considered as one of the best hashing algorithms available currently.
Symmetric Key Encryption
crypto_secretbox_easy is used for encrypting your masterKey
and recoveryKey
. Internally this uses XSalsa20 cipher with Poly1305 MAC for authentication.
Asymmetric Key Encryption
crypto_box_seal is used for all encryption's using a publicKey
. The linkKey
and teamPrivateKey
are encrypted using this API with teamPublicKey
and userPublicKey
respectively. Internally this uses X25519 for key exchange, XSalsa20 cipher for encryption and Poly1305 MAC for authentication.
Hashing & Other Encryption Used
We use crypto_hash_sha256 for hashing. A copy of short URL is stored as hash in our servers. A copy of the target URL is encrypted using AES-256-CBC algorithm from a key derived from the actual short URL using HKDF as key derivation algorithm. We use Subtle Encrypt for implementation.
Both the short URL hash & encrypted target URL are further encrypted with Ciphersweet which enables searchable field-level database encryption.
- Your link data is encrypted, even before leaving the browser & can be decrypted only by you.
- E2EE
- Average link redirection time, depends mainly on location of the end user.
- < 200ms
- Uptime guarantee
- 99.9%
- For quick, uninterrupted URL redirection, our redirection service is available on all major cities worldwide.
- 275+