Reclaim Protocol values user security, privacy and self soverignity. None of the user data is visible to anybody, including the Reclaim Servers, without the explicit consent of the user.
Client Side Proofs
All the proofs of identity and credentials are generated using the https sessions. These https sessions are initiated and executed completely on client side. The ZK Proofs are also generated completely on client side. So the data encapsulated within the proofs are held exclusively in the user’s device. Nobody, including the Reclaim App Backend Servers have access to this data.
To facilitate the sharing of proofs between users, Reclaim App Backend Server allows lines of communication to be established between the two users. This line of communication is end to end encrypted. That means there is no way for the Reclaim App Backend Server to read the contents of the proofs being sent and received even though the Server facilitates the transfer. These proofs are encrypted upon explict consent of the user on the Reclaim Wallet App.
PKI & Open source
All the proofs are generated using public-private key pairs (ECDSA). These are the same key pairs also used by Ethereum. Should the user decide to not use the Reclaim Wallet Mobile app, they can also use any other Reclaim Protocol compliant wallet or use the open source repositories to build the app oneself.
More resources and explanations of how the Reclaim Protocol works can be found at reclaimprotocol.org