Vaulted Objects are a new kind of digital thing.

They contain digital content, such as an image, a video, a music album or a 3D object—anything digital, really.

The content is encrypted, securely held within the vault. A copy of the original unencrypted file is only able to be extracted by the owner.

Vaulted Objects provide a way to possess something in the digital world.

This is a difficult thing to do. It's just too easy to copy things on the internet, so the idea of having exclusive access and control of a digital thing has been elusive.

By providing a secure digital container for a digital thing, and enabling it to be transferred between people, we now have the ability to possess things in a meaningful way.

The French word for a “thing” is “chose” [shooz].

At English common law, there is a concept within property law of a chose in possession. This is one of only two ways that you can have legal ownership of a thing (or a chose); by possessing it. So, by enabling possession of a thing in the digital realm, a Vaulted Object also enables enforceable legal ownership.

Possession is something that common law courts natively understand.

The possession of a thing often comes with responsibilities. Courts have long found people to owe one another duties to take care to avoid causing harm. If you are in possession of a motor vehicle, or a weapon, then you almost certainly have a duty of care to avoid hurting people with it.

Digital things can cause harm, but it is often not obvious who created it, or recently possessed it, and therefore who might owe a duty of care.

By delivering content within a Vaulted Object, to a person with a verified digital identity, we can link the content to the person and prove that they owe a duty of care.

This will cause people to carefully consider actions that may defame or otherwise harm others, and can form the basis of new regulatory frameworks with meaningful outcomes.

Vaulted Objects don’t need a ledger. They don’t need a blockchain. Their security is built in.

The infrastructure achieves a deterministic security profile — there are no known vulnerabilities to attack. This is due to the identity protocol, which is specifically architected to avoid exposure of both the identity’s private and public key, and the extension of that throughout the framework.

A Vaulted Object is a JSON file. (It uses a JSON implementation of CMS, the Cryptographic Message Syntax.) The supporting infrastructure, when it creates a Vaulted Object, injects cryptographic key material into the Vaulted Object metadata. This is not a cryptographic key, but it is information that can be used (along with material within the identity framework) to recreate the “owner key”. The owner key only ever exists for a fraction of a second, deep within the infrastructure.