NOVA is a privacy-first, decentralized file-sharing primitive, empowering user-owned AI at scale with encryted data persistence. NOVA enables secure storage and sharing of sensitive data (e.g., datasets for AI agent fine-tuning) without centralized intermediaries, leveraging group key management, IPFS, NEAR smart contracts, and verifiable TEEs via Shade Agents.
NOVA fills critical gaps in AI ecosystem βno native encrypted persistenceβ while inheriting NEAR Protocolβs strengths like sharding for scalability, low-cost transactions (~0.01 NEAR/gas), and AI-native tools (e.g., NEAR AI CLI). Whether you're building AI social platforms, DeFi apps, or autonomous agent workflows, NOVA provides a secure, verifiable data layer.
Dual-Network Support: Use mainnet for production nova-sdk.com or testnet for development testnet.nova-sdk.com. Testnet uses mocked IPFS for free testing; mainnet uses real Pinata integration (paid).
- Privacy-First: Encrypt files with group keys managed off-chain in TEEs, ensuring only authorized users or AI agents access dataβkeys never exposed on-chain.
- Decentralized: Store files on IPFS, log metadata on NEARβs immutable ledger, and manage access via smart contracts. No central servers.
- AI-Ready: Seamlessly integrates with NEARβs TEEs, Intents, and Shade Agents, enabling secure data for AI training and execution.
- Developer-Friendly: Free-to-integrate SDKs (Rust crate and JS package) with pay-per-action fees baked into the contract, blending into your dAppβs backend.
- Group Creation & Management: Owners (NEAR AccountIds) create groups via smart contracts, supporting collaborative AI training with multi-group membership. Anyone can create groups (per future updateβcurrently owner-gated for MVP stability).
- Access Control: Smart contracts maintain a mapping table for members and attestations, ensuring only authorized users access files via ephemeral tokens. Vital for user-owned AI privacy.
- Secure Storage: Files are encrypted with group keys and pinned to IPFS, optimized for AI dApps (e.g., datasets for fine-tuning).
- Access Workflow: SDKs retrieve encryption keys from TEE via secure tokens, then perform client-side encryption/decryption βplaintext data never leaves your device or server.
- Revocation & Key Rotation: Remove members and rotate keys in TEEs with lazy re-encryption to minimize latency/gas costs for large groups.
- Integrity & Trackability: Log signed transactions (with file hashes) on-chain for non-corruption guarantees, leveraging NEARβs ledger for verifiability.
Keys are managed off-chain in verifiable TEEs via Shade Agents. Never published on-chain, NOVA file-sharing ensures unbreakable privacy against blockchain fetches.
NOVA's keys are generated, stored, and distributed exclusively within Trusted Execution Environments (TEEs) using Shade Agents. This eliminates any on-chain exposure:
- Off-Chain Key Management: Keys are derived via HKDF from a master seed and encrypted with AES-256-CBC inside the TEE. Encrypted blobs are stored on-chain in
nova-kv.nearβ a purpose-built NEAR smart contract β accessible only by the Shade Agent's deterministic signer key, registered with minimal FunctionCall permission scope. - No On-Chain Keys: The smart contract stores only group metadata, attestations (checksums/code hashes), and used noncesβno keys or decryptable data. RPC queries (e.g., view_state) reveal nothing sensitive.
- Secure Distribution: Users request ephemeral nonce-based access tokens from the contract (gated by on-chain membership). Tokens incorporate a timestamp and nonce verified in-TEE before key release. Group keys are derived deterministically from a master seed using HKDF β the same key is always re-derived for the same group, making keys stateless and recoverable across TEE restarts.
- Verification & Attestation: Every key operation returns a TEE checksum (via agentInfo), proving execution in genuine hardware with unmodified codeβno tampering possible.
- Rotation & Revocation: On member removal,
revoke_memberatomically revokes on-chain and rotates the group key in a single call β a new versioned salt is derived, the rotated key is stored onnova-kv.near, and the revoked member's prior key is immediately invalid. - Attack Resistance: Even targeted attacks (e.g., indexing interactions or RPC dumps) can't extract keys: they're never on-chain. High-value targets (e.g., AI datasets) remain secure against nation-state or sophisticated threats.
NOVA's architecture combined with Shade/TEEs confidentiality provides bullet-proof security for your data: verifiable, private, and resilient, aligning with NEAR's user-owned AI vision.
NOVA complements NEARβs AI-focused tools:
- TEEs: Secures data at rest/transit for confidential compute (e.g., private AI inference in Phala enclaves).
- Intents: Gates solver access to encrypted payloads, enabling private, AI-driven fulfillment (e.g., cross-chain swaps).
- Shade Agents: Persists off-chain data for autonomous workers, resolving the "oracle problem" with verified inputs (e.g., prediction markets).
Choose the integration that best fits your use case:
For AI-assisted workflows using Claude or other MCP-compatible assistants, integrate the publicly deployed MCP server as a custom connector in your MCP client:
https://5a5223f7d1bfe777433c496b9d52ff851e927259-8000.dstack-prod5.phala.network/mcp
The MCP server runs alongside the Shade Agent in a Phala TDX CVM β no centralized hosting, no third-party auth gate. You can also interact with NOVA directly from its multi-user interface at https://nova-sdk.com
Best for: Natural language file operations, AI agent workflows, conversational interfaces
OpenClaw Skill: For agent-side retrieval, use the nova-skill β a shell + Python skill that authenticates, retrieves, and decrypts NOVA files directly from any OpenClaw-compatible agent.
Documentation: /mcp-server | GitBook
For web applications, backend services, and Node.js environments.
npm install nova-sdk-jsBest for: Web dApps, API servers, browser applications, TypeScript projects
Documentation: /nova-sdk-js | GitBook
For high-performance applications, blockchain integration, and system-level development.
[dependencies]
nova-sdk-rs = "1.1.0"Best for: Smart contracts, CLI tools, high-performance services, native applications
Documentation: /nova-sdk-rs | GitBook
Visit nova-sdk.com to:
- Login with email or social (Google/Apple/GitHub)
- Create your NEAR account automatically (no wallet needed!)
- Upload files through natural language chat
You: "Create a group called 'research_team' and upload my dataset securely"
NOVA chat: β
Group created! Uploading...
π¦ File encrypted and uploaded to IPFS
π Transaction recorded: https://nearblocks.io/txns/ABC123...
import { NovaSdk } from 'nova-sdk-js';
import fs from 'fs';
// Initialize SDK with your account and session token
// Get these from https://nova-sdk.com after login
const sdk = new NovaSdk(
'alice.nova-sdk.near', // Your NEAR account
{
apiKey: process.env.NOVA_API_KEY, // From nova-sdk.com
}
);
// Check your network (mainnet by default)
console.log(sdk.getNetworkInfo());
// { networkId: 'mainnet', contractId: 'nova-sdk.near', ... }
// Register a new group (you become owner)
await sdk.registerGroup('my-private-files');
// Upload encrypted file (client-side encryption)
const fileData = fs.readFileSync('./sensitive-doc.pdf');
const result = await sdk.upload(
'my-private-files', // group_id
fileData, // file data (Buffer)
'sensitive-doc.pdf' // filename
);
console.log('β
Uploaded!');
console.log('π¦ IPFS CID:', result.cid);
console.log('π Transaction:', result.trans_id);
// Retrieve and decrypt file (client-side decryption)
const { data } = await sdk.retrieve(
'my-private-files',
result.cid // IPFS hash from upload
);
fs.writeFileSync('./decrypted-doc.pdf', data);
console.log('β
File decrypted!');use nova_sdk_rs::{NovaSdk, NovaSdkConfig};
use std::fs;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Initialize SDK (mainnet by default)
let config = NovaSdkConfig::default()
.with_api_key(&std::env::var("NOVA_API_KEY")?);
let sdk = NovaSdk::with_config("alice.nova-sdk.near", config)?;
// Check network
println!("Network: {} | Contract: {}", sdk.network_id(), sdk.contract_id());
// Register group
sdk.register_group("my-secure-files").await?;
// Upload file (client-side encryption)
let file_data = fs::read("./confidential.pdf")?;
let result = sdk.upload(
"my-secure-files",
&file_data,
"confidential.pdf"
).await?;
println!("β
Uploaded!");
println!("π¦ IPFS CID: {}", result.cid);
println!("π Transaction: {}", result.trans_id);
// Retrieve file (client-side decryption)
let retrieved = sdk.retrieve(
"my-secure-files",
&result.cid
).await?;
fs::write("./decrypted.pdf", &retrieved.data)?;
println!("β
File decrypted!");
Ok(())
}For development, use testnet explicitly:
JavaScript:
const sdk = new NovaSdk('alice.nova-sdk-6.testnet', {
apiKey: process.env.NOVA_API_KEY,
rpcUrl: 'https://rpc.testnet.near.org',
contractId: 'nova-sdk-6.testnet',
});Rust:
let config = NovaSdkConfig::testnet()
.with_api_key(&std::env::var("NOVA_API_KEY")?);
let sdk = NovaSdk::with_config("alice.nova-sdk-6.testnet", config)?;βββββββββββββββββββ
β Your dApp β
β (MCP/JS/Rust) β
ββββββββββ¬βββββββββ
β Session Token (JWT)
ββββββ΄βββββ
β NOVA β
β SDK β β No private keys!
ββββββ¬βββββ
β
ββββββ΄ββββββββββββββββββββββββββββββ
β MCP Server β
β (Auth + Signing Proxy) β
βββ¬ββββββββββββββββ¬βββββββββββββββββ
β β β
βββββββΌβββ βββββββΌββββββ βββΌββββββββββ
β IPFS β β NEAR β β Shade/TEE β
β(Pinata)β β Blockchainβ β (key ops) β
ββββββββββ βββββββ¬ββββββ βββββββββββββ
Encrypted nova-sdk.near Keys Never
Storage nova-kv.near Exposed
(encrypted blobs)
Flow:
- User authenticates via API key (get yours at nova-sdk.com)
- SDK sends request to MCP server with session token (auto-managed)
- MCP verifies JWT β retrieves encryption key from Shade TEE
- SDK encrypts locally using AES-256-GCM (key never leaves client unencrypted)
- MCP uploads encrypted data to IPFS and records transaction on NEAR
- Shade Agent derives keys in TEE via HKDF and stores encrypted blobs on
nova-kv.nearβ keys are never exposed in plaintext on-chain - IPFS stores encrypted files (ciphertext only)
- NEAR records transaction metadata (CID, file hash)
- Dataset Sharing: Securely share training data between researchers
- Model Fine-Tuning: Store and access sensitive data for AI agent training
- TEE Integration: Encrypted inputs/outputs to confidential compute environments
- Document Sharing: Secure file sharing within organizations
- Access Revocation: Remove member access and rotate keys automatically
- Audit Trails: Immutable transaction logs on NEAR blockchain
- Healthcare Records: HIPAA-compliant data sharing
- Financial Data: Secure transmission of sensitive financial information
- Identity Documents: User-controlled identity verification data
Operations require small NEAR deposits:
- Register group: ~0.1 NEAR
- Add member: ~0.0005 NEAR
- Revoke member: ~0.0005 NEAR
- Retrieve file: ~0.001 NEAR
- Upload file: ~0.01 NEAR
Ensure your NEAR account has sufficient balance before operations.
Comprehensive documentation is available on GitBook:
π NOVA Documentation
- Quick Start Examples
- MCP Server Guide
- JavaScript SDK Reference
- Rust SDK Reference
- NOVA Shade Agent
- Architecture & Concepts
- Private Keys - Never publish NEAR private keys to version control
- Key Storage - Keys managed in TEEs; never handle plaintext in code
- IPFS Privacy - IPFS content is addressable by CID; encryption is essential
- Access Control - Always verify user authorization before operations
- Key Rotation - Revoked members cannot decrypt content uploaded after revocation
- Client-Side Encryption - Files are encrypted locally using AES-256-GCM; plaintext never transmitted to IPFS or MCP server
- Token Ephemerality - Nonces and timestamps prevent replay; session tokens auto-refresh
- API Key Security - Store API keys in environment variables; never commit to version control
- AI Metadata Extraction: Automate metadata extraction for optimized IPFS indexing.
- Dataset Monetization: Add pricing for file access/downloads.
- Per-user rights: So far all group members can upload files in the group. This could be controllable with per-member rights to be set at add member or later updated.
- Chainlink Oracles: Dynamic fee calculation (NEAR/USD + IPFS storage costs)
- Multi-Chain Support: Expand to other NEAR-compatible chains
- NOVA account Backup: NOVA accounts and group keys are now persisted on
nova-kv.nearas encrypted blobs, recoverable across TEE restarts via the master seed. Remaining risk is master seed loss β a cold backup mechanism for the encrypted master seed blob is on the roadmap.
Contributions are welcome! We accept contributions for:
- Bug fixes and improvements
- New SDK features
- Documentation enhancements
- Integration examples
- Test coverage
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Add tests for new functionality
- Ensure all tests pass
- Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
See individual SDK directories for specific testing instructions.
Need help? We're here for you:
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Documentation: GitBook
MIT LICENSE - Copyright (c) 2026 CivicTech OΓ
Built with β€οΈ for the NEAR ecosystem, leveraging:
- NEAR Protocol for decentralized access control
- IPFS/Pinata for decentralized storage
- Shade Agents & TEEs for verifiable key management
- Model Context Protocol for AI integration
Ready to build privacy-first dApps? Choose your integration: MCP | JavaScript | Rust