Anatomy of a Frontend

If you read the previous article, you know the essential pieces of the backend puzzle and how to avoid certain pitfalls. Now it's critical for the development of your product to understand the responsibilities of your frontend. This will let you plan how to fit Virgil Security SDKs in your architecture ahead of time and avoid traps independently of which language and framework you're using. For a list of languages we support, see our SDKs and tools page.

Before proceeding, make sure you've read the previous articles in this section to get a better understanding of the building blocks of end-to-end encryption.

Here's what your frontend should do:

1. Generate public and private key.

Your frontend has the responsibility of generating asymmetric key pairs (public and private keys). They are the key and safe that will allow sensitive information to be traded and stored securely.

2. Store and protect user private key.

Private key is a secret that should be known only to its source. It's important to store it securely and to not advertise it. Virgil SDKs have built-in methods of storing private keys securely.

3. Encrypt user data.

Files, conversations, and any sensitive or protected health information should never leave the client device unencrypted. This means it must be encrypted with an asymmetric public key before being sent to and stored in your servers.

And what your backend should not do:

1. Expose private key.

A user's private key must be kept safely stored in the device. It should never leave the device, unless via Virgil's password-secured backup service (BrainKey)

2. Generate JWT.

JWTs are credentials used by devices to communicate with Virgil Cloud and should be generated by the backend following user authentication.

3. Send sensitive information unencrypted.

Make sure that before sending messages, the proper encryption method is called using the correct recipient's public keys.

If you are still not sure if something should be done - or how it should be done - on your backend or frontend, ask us in our community forum. We're happy to help you build your secure product!