Data Portability
Users own their data and can export it at any time.
How Users Access Their Data
Web Dashboard
At flowsta.com/dashboard/your-data, users can:
- View what data Flowsta stores
- See which apps have accessed their data
- Export their recovery phrase (encrypted)
Flowsta Vault
The Flowsta Vault desktop app provides:
- Source chain export — Full Holochain source chain backup
- Key access — Recovery phrase and lair keystore passphrase
- Auto-backups — Apps back up data every 60 minutes (works while Vault is locked)
- Private data included — Encrypted DHT entries are decrypted and included in exports
What's in a backup?
Backup exports (format v4) include:
- Public data — content the user created (polls, posts, etc.)
- Private data — encrypted entries decrypted for readability (vote rationales, drafts, etc.)
- Cryptographic keys — lair keystore passphrase + keystore backup for full data portability
- Metadata —
_readmefields explaining each section in plain language
On the DHT, encrypted entries appear as opaque ciphertext. In the export, they're decrypted so the user can read and use their data independently.
For Developers
All Holochain apps must comply with the Cryptographic Autonomy License (CAL), which requires users can access their data and keys. Integrate auto-backups to make this easy for your users.
Every time you add new entry types that store user data, update your backup function to include that data. This applies to both public entries and encrypted entries.
Next Steps
- Backups & CAL Compliance — Developer guide for data backups
- Encrypted Entries — Private data on public DHT
- Zero-Knowledge Architecture — How data is encrypted
- Vault Overview — Desktop identity manager