Glossary

A

Access Policy

A set of rules defining who can access content, when, and how many times. Stored on the Base blockchain.

AES-GCM

Advanced Encryption Standard - Galois/Counter Mode. A symmetric encryption algorithm providing confidentiality and authentication.

Attempt

One instance of a recipient trying to access content. Tracked on-chain via logAttempt().

B

Base

An Ethereum Layer 2 blockchain by Coinbase. SHIELD deploys its smart contracts on Base.

Blockchain

A distributed, immutable ledger. SHIELD uses Base for transparent, trustless access control.

C

CID (Content Identifier)

A unique hash identifying content on IPFS. SHIELD encrypted content is referenced by CID.

Contract

A smart contract on the blockchain. SHIELD’s Shield.sol contract manages access policies.

D

dApp (Decentralized Application)

An application with backend running on blockchain. SHIELD is a dApp.

Decryption

Converting encrypted content back to plaintext. Happens client-side in SHIELD.

E

EIP-4361

Ethereum Improvement Proposal for Sign-In with Ethereum (SIWE). SHIELD uses this for authentication.

Encryption

Converting plaintext to ciphertext. SHIELD uses AES-GCM 256 client-side.

End-to-End Encryption

Encryption where only sender and recipient can decrypt. SHIELD implements this.

F

Faucet

A service providing free test ETH. Use Alchemy Faucet for Base Sepolia.

G

Gas

Fee paid to execute transactions on blockchain. Paid in ETH on Base.

Gateway

A server providing HTTP access to IPFS content. SHIELD uses Pinata’s gateway.

H

Hash

A fixed-size output from a cryptographic function. Used for policy IDs and CIDs.

Hardhat

Ethereum development environment. Used for SHIELD contract development.

I

IPFS (InterPlanetary File System)

Decentralized file storage. SHIELD stores encrypted content on IPFS via Pinata.

IV (Initialization Vector)

A random value ensuring same plaintext encrypts differently each time. 96 bits in AES-GCM.

J

JWT (JSON Web Token)

A token format for session management. SHIELD uses JWT for API sessions.

K

Key

A secret value for encryption/decryption. In SHIELD, keys are 256-bit random values.

L

Link (Secure Link)

A URL containing policyId and secretKey. Created once, shown once, never recoverable.

M

Mainnet

The production blockchain network. Base mainnet is where real value is at stake.

Max Attempts

Maximum times content can be accessed. Set by sender.

Metadata

Information about content (size, type) but not the content itself. Stored off-chain.

N

Next.js

React framework. Powers SHIELD frontend.

Nonce

A number used once. Prevents replay attacks in SIWE.

P

Pinata

IPFS pinning service. SHIELD uses Pinata to persist encrypted content.

Policy ID

Unique identifier for an access policy. Keccak256 hash stored on-chain.

R

Recipient

The wallet address authorized to access content. Set when creating a policy.

Revoke

Invalidate a policy before expiration. Irreversible.

S

Secret Key

The decryption key. Embedded in URL fragment, never sent to server.

Sender

The creator of a secure link. Pays gas for policy creation.

Sepolia

Testnet for Base. Used for development and testing. Authentication standard using Ethereum signatures. Replaces passwords.

Smart Contract

Program running on blockchain. SHIELD’s Shield.sol enforces access rules.

T

Tailwind CSS

Utility-first CSS framework. Styles SHIELD UI.

Testnet

Test blockchain network. No real value, used for testing.

Transaction

Data submitted to blockchain. Costs gas. SHIELD has createPolicy and logAttempt transactions.

Trustless

System requiring no trusted parties. SHIELD’s architecture is trustless.

U

URL Fragment

Part of URL after #. SHIELD puts secret keys here—never sent to server.

V

Vercel

Hosting platform. SHIELD frontend deploys to Vercel.

View Function

Smart contract function that reads state without transaction. isPolicyValid is a view function.

W

Wallet

Software for managing private keys. MetaMask, Rainbow, etc.

WalletConnect

Protocol for connecting wallets to dApps. SHIELD uses WalletConnect.

Web Crypto API

Browser API for cryptography. SHIELD uses it for AES-GCM.

Web3

Decentralized web ecosystem. SHIELD is a web3 application.

Z

Zero Address

0x000...000. Invalid address. Cannot be used as recipient.

Reference

​Glossary

​A

​Access Policy

​AES-GCM

​Attempt

​B

​Base

​Blockchain

​C

​CID (Content Identifier)

​Contract

​D

​dApp (Decentralized Application)

​Decryption

​E

​EIP-4361

​Encryption

​End-to-End Encryption

​F

​Faucet

​G

​Gas

​Gateway

​H

​Hash

​Hardhat

​I

​IPFS (InterPlanetary File System)

​IV (Initialization Vector)

​J

​JWT (JSON Web Token)

​K

​Key

​L

​Link (Secure Link)

​M

​Mainnet

​Max Attempts

​Metadata

​N

​Next.js

​Nonce

​P

​Pinata

​Policy ID

​R

​Recipient

​Revoke

​S

​Secret Key

​Sender

​Sepolia

​SIWE (Sign-In with Ethereum)

​Smart Contract

​T

​Tailwind CSS

​Testnet

​Transaction

​Trustless

​U

​URL Fragment

​V

​Vercel

​View Function

​W

​Wallet

​WalletConnect

​Web Crypto API

​Web3

​Z

​Zero Address