ROND is a young project in its concept phase. We regularly receive great questions – here are the most common ones. At the bottom, you'll find the questions we don't have answers to yet ourselves.
No. The blockchain only stores metadata – hashes, trigger configurations, public keys, authorization rules. None of this is sensitive. Your actual content (messages, credentials, documents) is encrypted on your device and stored as shards across federated nodes – never in plaintext, never complete in one place. The blockchain is the rule register, not the vault.
→ Explained in detail under "How It Works"Yes – just like it already does today. Anyone using Google, iCloud, WhatsApp, or a banking app stores sensitive data on third-party servers. The difference: with these services, the operator can read your data – they just promise not to. With ROND, the node operator cannot read your data, because it is encrypted client-side and fragmented using Shamir's Secret Sharing. No single node holds enough information to decrypt anything.
Large platforms will indeed implement EUDI themselves – EU regulation requires it by late 2027. You won't need ROND just to log into Amazon. ROND becomes relevant in three scenarios: First, smaller services that don't want to implement EUDI on their own (clinics, SaaS providers, clubs). Second, authorized communication – no single platform can solve this across platforms. Third, digital legacy – this only works with a cross-platform layer, because your digital life doesn't live with a single provider.
That is precisely why ROND is an open protocol, not an app. SMTP has existed since 1982, even though hundreds of email providers have come and gone. An open protocol belongs to no one – as long as at least one node is running, the data exists. The blockchain anchoring guarantees the integrity of rules independently of any single organisation. The nonprofit foundation structure additionally ensures that ROND cannot be acquired or shut down.
A PostgreSQL database could technically store all the data. But: who guarantees that the foundation hasn't altered the data in 30 years? With a database, the answer is: trust. Exactly the trust problem ROND is designed to solve. With a blockchain, every change is cryptographically chained, publicly auditable, and deterministically traceable. A notary can verify the validity of a trigger configuration directly on the blockchain in 20 years – without having to trust the foundation, the node operator, or any intermediary.
Fair scepticism. ROND has no token, no ICO, no speculative component. The blockchain is used because it solves a specific problem: tamper-proof rule anchoring over decades. Not because "blockchain" sounds good. If a better technology emerges tomorrow that achieves the same thing, we would switch. The architecture is cryptographically agile – algorithms can be swapped without rebuilding the system.
The Identity Registry and Authorization Protocol are free – they require minimal storage (just keys and rules). The Legacy Protocol, which involves actual data storage, is funded through tiered fees. Enterprise API access for notary chambers, insurers, and banks generates additional revenue. Node operators are compensated through protocol fees – not token speculation.
→ Funding details in the concept paper v0.5These questions are deliberately open. We are actively working on them – and this is exactly where we need outside expertise. If you can contribute to any of these, .
If 450 million EU citizens use the Legacy Protocol – how much storage does the federated network need? What is a realistic per-user limit? Will ROND be a key vault (a few KB per user) or a data vault (MBs to GBs)? Who pays for storage over 50 years – and how?
ROND must survive quantum computers and unknown future attacks. What does a concrete re-encryption mechanism look like when an algorithm is classified as broken? What happens in the legacy case, when the user is no longer active – who authorises the re-encryption?
Large platforms will implement EUDI directly. ROND's pure login advantage disappears there. What is the cross-platform feature that no single platform can replicate – and that simultaneously gives people a reason to register with ROND?
How large should a guardian quorum be? What happens when guardians die, lose contact, or collude? How do you prevent both false-positive and false-negative trigger activations over decades?
– we answer everything.