Privacy & security
This page summarizes how we approach safety and trust for a grief-sensitive product. It is not legal advice; it complements the technical documentation for operators.
Where your words live
Full journal text is stored in the application database (off-chain), not on a public blockchain. Only optional fingerprints (hashes) and related metadata are written on-chain when you choose to anchor. Private entries are not exposed to other visitors through the app’s public routes.
Optional anchoring & wallets
Connecting a wallet is only required for anchoring or for certain shareability changes on anchored memories. Network fees are paid to the blockchain, not to Missing You. Your email account and your on-chain transaction sender can differ; the proof record follows the wallet that submitted the anchor transaction.
Abuse protection (API rate limits)
Authenticated API routes apply per-user rate limits (for example creating memories, preparing or confirming anchors, and wallet-link challenges). When a limit is exceeded, the API responds with HTTP 429 and a Retry-After hint. Limits are enforced in-process on each server instance; for multi-instance production, consider a shared limiter (for example Redis) so thresholds stay global.
Monitoring
Operators should ship structured logs, alerts, and runbooks for production. The codebase emits JSON logs including rate-limit events; wire your preferred observability stack (for example Sentry, Datadog, or cloud-native tools) per your deployment guide.
What you can do
Use a strong, unique password on your email provider, keep your wallet seed phrase private, and review shareability before copying a public link. If something looks wrong with verification, compare the proof panel on the public page with the block explorer entry.