Skip to main content
Zark Cloud integrates with Walrus and Seal to give you the option of storing your files on decentralized infrastructure with enterprise-grade encryption. This means your data isn’t dependent on any single provider, remains accessible even if servers fail, and can only be decrypted by authorized parties.

Understanding Walrus

Walrus is a decentralized storage network developed by Mysten Labs. Unlike traditional cloud storage where your files sit on one company’s servers, Walrus distributes your data across a global network of independent storage nodes, making it resilient against outages and censorship.

How Walrus Works

When you upload a file to Walrus, it’s broken into pieces and distributed across multiple independent storage nodes. Even if some nodes fail, your file can be reconstructed from the remaining pieces. This approach provides cloud-grade reliability with much less redundancy than traditional storage, making it cost-efficient while ensuring your data remains accessible.

Storage nodes

For technical details, see Architecture & Data Flow or visit the Walrus Documentation.

Understanding Seal

While Walrus provides resilient, decentralized storage, it’s transparent by default. For sensitive files, you need encryption and access control. That’s where Seal comes in. Seal is a decentralized encryption service developed by Mysten Labs that provides client-side encryption and programmable access control for data stored on Walrus. Think of Walrus as the vault where your data lives, and Seal as the lock that controls who can open it.

How Seal Works

  • Client-Side Encryption: When you store an encrypted file through Zark, encryption happens on your device before data leaves your browser. Unencrypted content is never transmitted or seen by Zark’s servers. Even if someone intercepted the data, they would only see encrypted content.
  • Programmable Access Control: Access rules are enforced by blockchain-based policies, not databases. This means access rules execute exactly as written—there’s no way for an administrator to grant unauthorized access by changing settings.
  • Distributed Key Management: Seal distributes key management across multiple independent servers, ensuring no single party (including Mysten Labs or Zark) can decrypt your data unilaterally.
For details on encryption and access control, see Security, Encryption & Access Control. For technical implementation details, visit the Seal Documentation.

Key Benefits

  • Resilience: Your data survives even if most storage nodes fail. Files can be reconstructed as long as enough pieces remain available.
  • True Ownership: Your data isn’t locked into any provider’s ecosystem. You control your data through cryptographic keys, not account credentials.
  • End-to-End Privacy: Client-side encryption ensures that unencrypted content never leaves your device. Even Zark cannot read your encrypted files.
  • Programmable Access: Access rules are enforced by blockchain-based policies, not company policies. They execute exactly as written.
  • Verifiable Audit Trails: Every storage and access event is recorded on-chain, creating tamper-proof logs for compliance and governance.
  • Cost Efficiency: Erasure coding achieves cloud-grade reliability with 4-5x redundancy instead of the 100x+ required by full replication, translating to competitive pricing.
  • Censorship Resistance: No single entity can delete, modify, or restrict access to your stored data. The decentralized architecture eliminates single points of control.