Ward Cloak: Why we’re “blinding” ourselves to protect you

3 min read Original article ↗

It’s definitely mid-January, temps are dropping and it’s getting cold 🥶🥶

Living in the Northeast, “cold” is just a state of mind. A few weekends ago, I went up to the Catskills right after some fresh powder. I got a few good runs in between icy rain in the morning and slush and ice in the afternoon.

Did I get rained on? Yes. Was it worth it? Also yes.

Check out these clouds!
The Invisibility Cloak | Official Harry Potter Encyclopedia

Since my last post about “wolf in sheep’s clothing” extensions, I’ve been thinking a lot about the word trust. In the security world, we usually say “Trust, but verify.” But at Ward, we want to go a step further: We don’t even want the data required to betray your trust in the first place.

Most apps and websites work like a credit card. Every time you use it, the bank (or the developer) knows exactly who you are, where you spent the money, and what time you were there. If a company gets hacked or shares its data with a third party, that “paper trail” of your browsing history is what the bad guys are after.

To fix this, we’ve moved Ward to a system called Blind Signatures. Think of it like walking into a casino:

Las Vegas casinos: Where to game and gamble in Sin City
Can you guess which LV casino this is?

  1. Buying the Chips: You hand the cashier (our server) $20. They give you a handful of chips.

  2. The Secret Envelope: Imagine you put those chips in an envelope before the cashier hands them back. They know they gave someone $20 worth of chips, but they didn’t see the specific serial numbers on the chips inside your envelope.

  3. Cashing In: When you go to a table to play (or in our case, when Ward scans a suspicious website), you hand over a chip. We recognize the chip is real because we signed it, but we have no way of knowing it was the same person who bought it ten minutes ago.

By using this “gift card” or “chip” style of logic, we’ve mathematically unlinked your identity from your scans.

  • We are “Blind”: Even if myself or a Ward employee wanted to see what websites you were scanning, I couldn’t. The math literally prevents it.

  • No Paper Trail: If an attack ever targeted our backend, there’s no database connecting User A to Website B. That data simply doesn’t exist.

  • Security for 2026: We’re tired of seeing extensions harvest data to sell to “grey area” marketing firms. Ward Cloak ensures we stay the “good guys” by making it impossible for us to be anything else.

We published a full mathematical deep dive here if you’re interested!

Nothing at all. If you’re running Ward version 1.2.0 or later, Cloak is already running under the hood. You get the same world-class phishing protection, but now you’re wearing a digital mask while you use it. Our mission is to make Ward the most private security tool on the market.

As always, stay safe out there. If you have questions about how the “chips” work or feedback from using Ward, drop me a line at cedric@tryward.app!

— Cedric

Discussion about this post

Ready for more?