These diagrams are intentionally compact for presentation use. Each one is designed to communicate a single MeshKit architecture or positioning idea in under 15 seconds.
flowchart LR
App["Application"] --> MeshKit["MeshKit SDK"]
MeshKit --> Encrypt["Client-side encryption"]
Encrypt --> Providers["IPFS-compatible providers"]
Providers --> CID["CID + proof metadata"]
MeshKit is the encrypted application storage layer above IPFS-compatible infrastructure.
flowchart LR
App["Application data"] --> MeshKit["MeshKit"]
MeshKit --> Encrypt["Encrypt locally"]
Encrypt --> Provider["Provider stores bytes"]
Provider --> CID["CID returned"]
Providers receive encrypted envelopes, never application plaintext.
flowchart LR
CID["CID"] --> Provider["Provider retrieval"]
Provider --> Payload["Encrypted payload"]
Payload --> MeshKit["MeshKit"]
MeshKit --> Decrypt["Decrypt locally"]
Decrypt --> App["Application data"]
MeshKit retrieves by CID and performs client-side decryption before data returns to the app.
flowchart LR
Alice["Alice"] --> Capsule["Share capsule<br/>wrapped key + policy"]
Capsule --> Bob["Bob"]
Data["Encrypted data<br/>unchanged"] --> CID["CID reference"]
CID -.-> Capsule
Sharing grants access through encrypted capsules without rewriting or exposing stored data.
flowchart TD
Web["Web / PWA"] --> Core["MeshKit Core"]
Node["Node.js"] --> Core
RN["React Native"] --> Core
Ionic["Ionic / Capacitor"] --> Core
Core --> Providers["IPFS-compatible providers"]
MeshKit keeps one encrypted storage model across browser, server, and mobile runtimes.
flowchart TD
MeshKit["MeshKit"] --> Bytes["Byte storage<br/>encrypted envelopes"]
MeshKit --> Metadata["Metadata<br/>proofs, capsules, sync records"]
MeshKit --> Retrieval["Retrieval<br/>gateway or provider reads"]
MeshKit --> Policy["Policy<br/>optional access checks"]
Providers are composable responsibilities, not just raw byte stores.
flowchart LR
Local["Local dev<br/>no infrastructure"] --> Test["Validate write/read/proof"]
Test --> Config["Configure provider<br/>bytes + metadata"]
Config --> Production["Production<br/>observed and auditable"]
MeshKit starts locally but requires explicit provider configuration for production workloads.
flowchart LR
App["Application"] --> MeshKit["MeshKit<br/>developer layer"]
MeshKit --> IPFS["IPFS<br/>content addressing"]
IPFS --> Infra["Storage infrastructure"]
MeshKit packages encryption, identity, sharing, and provider workflows around IPFS primitives.
flowchart LR
Agent["Agent"] --> Host["MCP host<br/>approval + scopes"]
Host --> Tools["MeshKit MCP tools"]
Tools --> MeshKit["MeshKit"]
MeshKit --> Storage["Encrypted storage"]
MCP exposes controlled MeshKit storage capabilities to agents through scoped tools.
flowchart LR
subgraph Plaintext["Plaintext Zone"]
App["Application"]
Client["MeshKit client"]
end
subgraph Encrypted["Encrypted Zone"]
Envelope["Encrypted envelope"]
CID["CID"]
end
subgraph Provider["Provider Zone"]
Store["Byte storage"]
Meta["Metadata service"]
end
App --> Client
Client --> Envelope
Envelope --> Store
Store --> CID
Client --> Meta
MeshKit moves data across the trust boundary only after encryption.
flowchart LR
Plain["Plaintext"] --> Encrypt["Encrypt"]
Encrypt --> Envelope["Encrypted envelope"]
Envelope --> Store["Store bytes"]
Store --> CID["CID"]
CID --> Proof["Proof metadata"]
CID --> Retrieve["Retrieve envelope"]
In MeshKit, a CID identifies encrypted bytes, not the original plaintext.
flowchart LR
MeshKit["MeshKit"] --> Provider["IPFS provider"]
Provider --> CID["CID"]
CID --> Bridge["Filecoin HTTP bridge"]
Bridge --> Deal["Deal / persistence proof"]
Deal --> Retrieval["Long-term retrieval"]
Filecoin persistence can sit behind the provider path without changing MeshKit's encryption model.