# Shipping Address Encryption with Hermes-eth

UMP uses *Hermes-eth* to keep your shipping address private and secure when you buy items. This guide explains how it works in simple terms.

## What is Hermes-eth?

*Hermes-eth* is a secure encryption protocol designed for the Ethereum blockchain. It converts sensitive information into a protected format so that only the intended recipient—using a combination of their wallet and a secret key or password—can decrypt and access the original data. This means that details like your shipping address remain confidential, even when stored on a public ledger.

## How It Works

### For Sellers

When you create your store, you'll need to set up message encryption:

- You choose a strong password
- Your wallet and password work together to create a special "public key"
- This public key is stored on the blockchain
- Only you can decrypt messages using your wallet and password together

### For Buyers

When you buy something:

   - You enter your shipping address
   - Our system uses the seller's public key to encrypt your address
   - Only the encrypted version of your address is stored on the blockchain
   - Nobody except the seller can read your real address

### For Both Parties

- The system uses advanced encryption (AES-256-GCM) to protect your information
- All encryption happens in your web browser
- Your real address never touches the blockchain - only the encrypted version does
- The system includes a verification feature to make sure the message wasn't changed

## Technical Details

For those interested in the technical side, here's a brief overview:

### Encryption Process
 - Uses AES-256-GCM for the main encryption
 - Creates an ephemeral (one-time) key pair for each message
 - Combines the ephemeral key with the recipient's public key to create a shared secret
 - Includes padding to hide the real message length
 - Optionally adds verification hashes

### Message Format

Each encrypted message contains the following components:

```typescript
{
  encryptedData: string;     // Hex-encoded encrypted data
  ephemeralPublicKey: string;// Public key for this message
  iv: string;               // AES-GCM initialization vector
  scheme: 'password';       // Encryption scheme identifier
  verificationHash?: string;// Optional: Hash for verification
  verificationEnabled?: boolean; // Optional: Whether verification is enabled
}
```

### Security Features

* Forward secrecy via ephemeral keys
* Two-factor security (requires both wallet private key and secret messaging key)
* Messages padded to prevent length analysis
* Recipients can destroy secret messaging keys to make messages permanently unreadable while retaining Ethereum private key.
* Optional third party message verification using salted hashes

The original code can be found [here](https://github.com/umpeth/hermes).