Squyr.
Bilateral Cryptographic Data Exchange
Brand data never leaves your environment. Squyr data never leaves ours. Email Shield is a bilateral cryptographic relay — messages pass through, verification happens, content never does.
Sender encrypts the message payload with the recipient's public Ed25519 key. The relay never sees plaintext — only an encrypted blob passes in.
The encrypted message traverses Squyr's relay. Metadata (timestamp, sender domain, recipient domain) is verified and logged on-chain. Content remains opaque throughout.
Recipient uses their private key to decrypt. Identity confirmed via Ed25519 signature verification. The relay has zero knowledge of content or parties involved.
Email Shield shares the same bilateral Ed25519 keypair and SHA-256 audit chain as PHI Shield. No new infrastructure, no new trust assumptions — one root, every capability.
Message content hashed to a fixed-length digest. Collision-resistant. Foundation of the audit chain.
Digest expanded into session key material via HKDF-SHA256. Per-message ephemeral keys ensure forward secrecy.
Authenticated encryption. The relay receives an opaque ciphertext: content unreadable, integrity guaranteed.
Bilateral signature on each relay event. Sender identity confirmed. Recipient authenticity verifiable. The trust anchor.
Email Shield is designed for healthcare and life sciences where email is the collaboration medium but patient data cannot be exposed.
Match a brand's patient email list against Squyr's audience without exposing the patient list to Squyr, or vice versa. Both sides cryptographically verify overlap without data leaving their environment.
HIPAA Safe HarborSend encrypted campaign materials to HCPs through the relay. Physician identities are verified via Ed25519 but their contact details — names, emails, NPIs — never stored on the relay.
BAA RequiredTrack campaign open/click rates with cryptographic proof of delivery — no personal data exposed. The audit chain provides prosecution-grade evidence for regulatory compliance.
Audit LogPre-send DLP scanning, bilateral AES-256-GCM encryption, and multi-channel delivery (email + SMS) are live in the portal. Ed25519 audit chain active from day one.