Where your data lives
Three layers, each with a clear job. This is for anyone who wants to know: what does Sciencera actually store, and where?
The three layers
| Layer | Where | What it holds | Visibility |
|---|---|---|---|
| On chain | Solana blockchain | Cryptographic fingerprints, status records, credential records, authority records | Public, anyone can read |
| Off chain | Access-controlled storage (IPFS / Arweave / private endpoints) | Full proposal bodies, credential metadata, lab reports, attachments | Controlled per item — sometimes public, sometimes private |
| Your browser | localStorage | Your drafts, your filters, your settings, your activity log, sample data caches | Only your browser |
The blockchain is permanent and public. Off-chain storage is permanent but access-controlled. Browser storage is yours alone — clear your browser, it's gone.
What goes on chain
For each proposal:
- A 32-byte fingerprint (SHA-256) of the proposal content
- A pointer to where the full content lives off chain
- The current status (submitted, under review, approved, etc.)
- The author's wallet address
- Timestamps for creation, submission, and last review
- A counter for how many revision rounds the proposal has gone through
- Optional pointers to milestone funding and IP asset accounts (when those modules ship)
For each reviewer:
- Their wallet address
- Their role flags (can review / can assign / admin override)
- Whether they're currently active
- A history of who added them and when
For each credential:
- The recipient's wallet address (the "subject")
- The issuer's wallet address
- The credential type (Academy, reviewer contribution, milestone, lab verified)
- A short slug, title, and content pointer
- A fingerprint of the issuance payload
- A score (0-100) for credentials that have a passing threshold
- Whether the credential has been revoked, and if so when and by whom
That's the entire on-chain footprint. No personal information, no email addresses, no proposal content.
What stays off chain
Anything that isn't a fingerprint or a status record:
- Full proposal text. Title, summary, methodology, milestones in detail.
- Author metadata. Your name, affiliation, ORCID details.
- Reviewer comments and notes. Detailed feedback the reviewer wrote.
- Lab reports and attachments. PDFs, images, datasets.
- Credential metadata. The full structure behind a credential's title and content.
Off-chain content is referenced by URI on chain — typically ipfs://, ar://, or https://. Whether anyone can fetch a given URI depends on its access controls. A public IPFS pin is readable by anyone. A private endpoint with authentication is readable only by allowed parties. The blockchain proves a commitment exists; the off-chain layer decides who can read it.
What's in your browser
Sciencera v1 keeps a lot in localStorage as a starting point — fast UX without requiring backend signup. Here's the catalog:
| What | Stored as | Notes |
|---|---|---|
| Your proposals | A list keyed by browser | Includes drafts, fingerprints, full bodies |
| Your activity log | The latest 500 events | Older entries drop off automatically |
| Your profile (name, bio) | Per-wallet | Tied to the wallet address you used |
| Academy progress | Per-wallet | Track enrollments, completed lessons, quiz attempts |
| Academy credentials | Per-wallet | Local credentials issued for passed tracks |
| Task attempts and completions | Per-wallet | Track which tasks you've tried, which you've passed |
| Reward configuration | Workspace-wide | Pool size, per-track rewards (admin-editable) |
| Reward claims | Per-wallet | Records of SCI Credits you've claimed |
| Reviewer applications | Workspace-wide | Submitted reviewer applications |
| Reviewer assignments | Workspace-wide | Mock assignments to proposals |
| Review comments | Workspace-wide | Comments written during reviews |
This is a v1 setup. It works because Sciencera's pre-launch data volume is small and your wallet is the cross-device identity anchor. When the backend lands, a one-time sync will move your local data to your account, and storage becomes cross-device.
How a proposal flows through the layers
Walking through what happens when you submit:
Step 1 — In your browser:
You write the proposal in the wizard.
The app fingerprints the structured payload (SHA-256).
Your draft is stored in localStorage.
Step 2 — When you submit:
The full body is uploaded to off-chain storage (IPFS / Arweave).
The app gets back a content URI.
Step 3 — On chain:
The fingerprint, the URI, and metadata go on chain.
Your wallet signs the transaction.
A new on-chain account is created for the proposal.
Step 4 — Going forward:
Anyone reading the proposal:
1. Reads the fingerprint and URI from chain.
2. Fetches the full body via the URI.
3. Re-fingerprints the fetched content.
4. Compares the two fingerprints.
Match → original, untampered.
Mismatch → flagged. Tampering detected.
The blockchain alone proves the commitment exists. The off-chain layer alone holds the readable content. Both are needed to confirm "this proposal really says what it says, and was submitted at this time by this wallet."
Why split it this way
Compliance. Many regulators require auditability + access control. On-chain fingerprints give the audit trail; off-chain storage gives the access control.
Cost. Storing megabytes on chain is expensive. Storing fingerprints is essentially free. The economics force the right architecture.
Privacy. Wallet pubkeys are public by definition; any data co-located with them on chain is public too. Anything sensitive must stay off chain by structure, not by promise.
Forward-compatibility. A future requirement for selective disclosure ("show this content only to qualified reviewers") works because the disclosure decision lives off chain. The on-chain commitment doesn't change.
Privacy posture
- The blockchain knows you submitted something with a given fingerprint at a given time. It doesn't know what.
- Off-chain storage knows the content. Whether it shares that content depends on its access policy.
- Your browser knows your drafts, your filters, your activity. Nobody else.
- Your wallet knows your private key. Nobody else, ever.
What you control
- What you submit. Drafts stay private until you click submit.
- Where your off-chain content lives. When the upload step ships, you'll be able to choose pinning providers based on your jurisdiction or privacy needs.
- Your reputation lineage. Credentials are bound to your wallet. They cannot be transferred or revoked silently.
- Your local activity. You can clear your activity log at any time from the activity page.
What you don't control
- Your on-chain footprint, once written. Submissions are permanent. Status transitions are permanent. The blockchain doesn't allow rewriting history.
- Whether others reference your proposal. Once a fingerprint is on chain, others can read it and link to it.
Where to go next
- How it works — the system in plain terms
- Your Solana wallet — how identity actually works
- How proposals stay tamperproof — the proposal lifecycle in detail
- Compliance — regulatory framing