> For the complete documentation index, see [llms.txt](https://encryptum.gitbook.io/encryptum/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://encryptum.gitbook.io/encryptum/storage-and-retrieval-process/data-retrieval-and-access-control.md). # Data Retrieval and Access Control The process of retrieving data within Encryptum begins when a user or AI agent initiates a request using the unique Content Identifier (CID) associated with the desired encrypted file. The CID serves as a precise pointer to the specific content stored across the distributed IPFS nodes. Upon receiving a retrieval request, the system first performs an access control verification step by interacting with the smart contracts on the Ethereum blockchain. These smart contracts contain metadata detailing ownership and permissions, which are checked in real-time to confirm whether the requester is authorized to access the requested data. This verification ensures that only users or agents with the appropriate rights, as defined and recorded immutably on the blockchain, can proceed further. Once authorization is confirmed, the system queries the IPFS network to locate nodes storing the encrypted file associated with the CID. Because the data is redundantly stored across multiple nodes, the retrieval is resilient against node failures or network disruptions, enhancing availability. Access control is reinforced through the use of end-to-end encryption. The encrypted data can only be decrypted by individuals or agents possessing the correct cryptographic keys, which are securely managed by authorized parties. This means that even if an unauthorized actor intercepts the data during transmission or compromises a storage node, the content remains unintelligible without the decryption key. This layered security approach guarantees the confidentiality and privacy of sensitive information throughout the retrieval process. The combined use of blockchain-based permission verification and client-side encryption establishes a trustless and secure environment. It eliminates reliance on centralized authorities for access enforcement and protects against common security risks such as data leaks, unauthorized access, and man-in-the-middle attacks. Through this comprehensive data retrieval and access control mechanism, Encryptum ensures that stored information remains both highly available and rigorously protected, fulfilling the privacy and security requirements critical for AI-native systems and autonomous agents. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://encryptum.gitbook.io/encryptum/storage-and-retrieval-process/data-retrieval-and-access-control.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.