How does Questsmith encrypt player data?

Privacy & Security

Data encryption is a core pillar of our privacy strategy. Questsmith encrypts your data including the full text of your adventures both in transit and at rest.

However, building an interactive AI experience introduces unique technical constraints. Here is a transparent breakdown of how encryption works on Questsmith and why we handle it this way:

The Plain Text AI Constraint

AI language models cannot read or process encrypted data; they require plain text to understand context and generate responses. This means that whenever you take an action in a game, your encrypted story text must be temporarily decrypted right before it is passed to the AI model. This is a fundamental technical reality for all AI powered platforms across the industry.

Server Side Key Storage Our Approach

To lock and unlock encrypted data, a digital "encryption key" is required. Without it, your stories would appear as unreadable gibberish. This key can be stored in two ways:

Client Side Locally on your device
Server Side Remotely on our secure servers

Questsmith utilizes server side key storage. We chose this architecture because it offers the safest balance of data security and user accessibility for our players.

Why Server Side Storage Benefits You

While local, client side key storage sounds safer in theory, it introduces massive risks and functional limitations:

Guaranteed Account Recovery: If keys are stored locally on your device and you forget your password, clear your browser cache, or lose your phone, your data is gone forever. We would have no way to help you recover your account or your stories. Server side management allows us to safely offer password resets.
Seamless Cross Platform Syncing: Because your keys are securely managed on our end, you can seamlessly jump between playing Questsmith on your desktop browser, your iPhone, or your Android device without losing your progress.

The Security Reality

Because plain text must ultimately be transmitted to the AI server for generation regardless of where the key lives, client side key storage offers minimal added security benefits for an AI application, but introduces a 100% risk of permanent data loss for the user.

Looking Ahead: Your trust and privacy are paramount to us. While server side encryption is the gold standard for multi device applications, we are exploring the possibility of introducing an optional, advanced client side key storage toggle in the future for players who fully understand the risks and tradeoffs of manual key management.

How does Questsmith encrypt player data?

Privacy & Security

Data encryption is a core pillar of our privacy strategy. Questsmith encrypts your data including the full text of your adventures both in transit and at rest.

However, building an interactive AI experience introduces unique technical constraints. Here is a transparent breakdown of how encryption works on Questsmith and why we handle it this way:

The Plain Text AI Constraint

Server Side Key Storage Our Approach

To lock and unlock encrypted data, a digital "encryption key" is required. Without it, your stories would appear as unreadable gibberish. This key can be stored in two ways:

Client Side Locally on your device
Server Side Remotely on our secure servers

Questsmith utilizes server side key storage. We chose this architecture because it offers the safest balance of data security and user accessibility for our players.

Why Server Side Storage Benefits You

While local, client side key storage sounds safer in theory, it introduces massive risks and functional limitations:

Guaranteed Account Recovery: If keys are stored locally on your device and you forget your password, clear your browser cache, or lose your phone, your data is gone forever. We would have no way to help you recover your account or your stories. Server side management allows us to safely offer password resets.
Seamless Cross Platform Syncing: Because your keys are securely managed on our end, you can seamlessly jump between playing Questsmith on your desktop browser, your iPhone, or your Android device without losing your progress.

The Security Reality

Looking Ahead: Your trust and privacy are paramount to us. While server side encryption is the gold standard for multi device applications, we are exploring the possibility of introducing an optional, advanced client side key storage toggle in the future for players who fully understand the risks and tradeoffs of manual key management.

Data encryption is a core pillar of our privacy strategy. Questsmith encrypts your data including the full text of your adventures both in transit and at rest.

However, building an interactive AI experience introduces unique technical constraints. Here is a transparent breakdown of how encryption works on Questsmith and why we handle it this way:

The Plain Text AI Constraint

Server Side Key Storage Our Approach

To lock and unlock encrypted data, a digital "encryption key" is required. Without it, your stories would appear as unreadable gibberish. This key can be stored in two ways:

Client Side Locally on your device
Server Side Remotely on our secure servers

Questsmith utilizes server side key storage. We chose this architecture because it offers the safest balance of data security and user accessibility for our players.

Why Server Side Storage Benefits You

While local, client side key storage sounds safer in theory, it introduces massive risks and functional limitations:

Guaranteed Account Recovery: If keys are stored locally on your device and you forget your password, clear your browser cache, or lose your phone, your data is gone forever. We would have no way to help you recover your account or your stories. Server side management allows us to safely offer password resets.
Seamless Cross Platform Syncing: Because your keys are securely managed on our end, you can seamlessly jump between playing Questsmith on your desktop browser, your iPhone, or your Android device without losing your progress.

The Security Reality

Looking Ahead: Your trust and privacy are paramount to us. While server side encryption is the gold standard for multi device applications, we are exploring the possibility of introducing an optional, advanced client side key storage toggle in the future for players who fully understand the risks and tradeoffs of manual key management.