The Data Pledge

Your dreams are yours. And you can check.

Dreambound makes three promises about your data — and backs them with a cryptographically signed pledge that every Dreambound app verifies for you. This page runs that verification live, in your browser, right now.

The promise

✦ We never sell or rent dreamers' data — to anyone, for any price.
✦ We never share your personal data or content with a third party for that third party's own purposes.
✦ We never use your data to train AI — private, shared, or public; not now, not when the platform is public, not ever.

The pledge, verified live

Verifying the pledge…

How the verification works

Promises are easy to make and hard to trust. So Dreambound's backend publishes a signed document — a "canary" — and the apps check it instead of asking you to take our word for anything.

Fetch the signed pledge. The app requests the canary document from the transparency endpoint. It contains the pledge, an Ed25519 signature, and a public key.
Canonicalize the pledge. The pledge object is serialised to JSON with its keys sorted recursively and no whitespace — the exact same bytes the backend signed.
Check the signature. The app verifies the signature with Web Crypto against a public key built into the app itself — not the key in the document. The document's key is only ever compared to the built-in one; a mismatch is treated as an alarm.
Check it is current. The app confirms the present moment falls within the pledge's issued and expiry dates. A pledge that lapses raises an alarm rather than passing quietly.

If the signature is valid, the key matches, and the pledge has not expired, you see a green verified. If anything is wrong, you see a red ALARM. If the document simply could not be reached, you see an amber unverified — honest about what we do and don't know.

Dreambound's trusted public key (raw 32-byte Ed25519, base64). You can use it to verify the pledge yourself.

loading…

The detector, in the open

Dreambound the product is a closed project — but the thing that matters here, the verification itself, is completely open. The code below is the actual verifier running on this page. It runs in your browser, so it is naturally inspectable. That is the point: this place is trustworthy because the check is open, not because we asked you to believe us.

Source: js/canary.js — also shown in full below.

Loading the verifier source…

Read the full Privacy Policy, or write to support@guardianity.space with any question. ✦