# The Cryptographic Air Gap The core of our privacy innovation lies in how we handle user sessions. To track a user journey without tracking the user identity, we utilize a technique we call the Cryptographic Air Gap. #### The Daily Salt Mechanism When a user visits your site, we need to know if they are the same person who visited five minutes ago, without knowing who they are. We achieve this by generating a session hash using three inputs: the user's IP address, the user's User Agent string, and a rotating salt. This salt is a random cryptographic string that is generated by our servers every 24 hours. At midnight UTC, the old salt is deleted and replaced. This rotation is the air gap. Once the salt is deleted, it is mathematically impossible to reconstruct the inputs that generated the hash. This means that even if a government entity or a malicious actor were to seize our servers, they could not decode the data to identify a specific user's activity from the previous day. The link between the digital footprint and the physical identity is severed permanently every 24 hours. #### No Persistent Identifiers Legacy tools use cookies to tag a user with a unique ID that persists for years. This allows them to track a user across different websites and build a comprehensive behavioral profile. Signet strictly prohibits cross-site tracking. The hash we generate is unique to your specific website project ID. If the same user visits two different websites that both use Signet, they will appear as two completely different, unrelated visitors. This ensures that we cannot be used to triangulate user identity across the web. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.signtoken.vip/5.-security-and-compliance/the-cryptographic-air-gap.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.