Back to Blog

ULDA — a new approach to data authentication

UT
ULDA TeamPosted on September 30, 2025

ULDA — the first step toward a new kind of data authentication

We are excited to present ULDA (Universal Linear Data Authentication) — a small, practical building block for authentication through state inheritance. The core idea is not to rewrite the past but to guarantee continuity: starting from registration, each subsequent step proves it was performed by the same subject as the previous one.

Background

ULDA started as an authorization method for hidegram, where the hard requirement was to reveal nothing about the client. For a chat this is acceptable: there are many messages and identity can be confirmed post‑facto without an explicit public profile.

The next iteration raised the bar:

“Build an open database with no server‑side secrets, while letting users moderate/manage their own data when the server is fully open and neither client nor server trusts the other.”

We needed a mechanism where the server can see everything yet cannot silently forge or roll back history, and where a user can prove the right to update “their branch” without continuously exposing their identity. That’s ULDA: a linear chain of states in which every new action inherits the previous one and, by doing so, confirms the legitimacy of the transition.

Idea: authentication through state inheritance

  • Linearity. Every message is tied to the previous step.
  • Verification by the “last anchor.” Verifiers don’t need long histories or durable key stores — the last confirmed state is enough.
  • No rewriting the past. The system only moves forward; resets or rollbacks are detectable.
  • Lightweight. Suitable for simple clients and constrained devices.

ULDA does not replace encryption or digital signatures; it complements them. It is a compact continuity primitive you can build on.

Why this matters

  • One‑time steps. A step cannot be replayed.
  • Monotonicity. Order and state only advance.
  • Stateless verification. Knowing the latest point is sufficient.
  • Post‑compromise resilience. If the current state leaks, a clean update “locks out” the attacker — only the rightful owner can keep the chain going.

Where ULDA is useful

  • CSE scenarios (Client‑Side Encryption). Content is encrypted client‑side; ULDA provides inherited authentication of steps.
  • Password managers. We have a demo in 0am — ULDA records the sequence of actions without unnecessary disclosure.
  • Open databases. “Open‑by‑default” stores with no server‑side secrets where users still prove the right to moderate/manage their data.
  • On‑the‑fly action confirmations. Just‑in‑time confirmations of clicks/operations/consents where continuity of the same subject must be proven immediately.
  • …and similar cases that need a simple, lightweight proof of continuous identity.

ULDA is a practical way to guarantee continuity of identity and order without heavy infrastructure. We’re eager to hear your feedback and see how you apply it.

ULDA — a new approach to data authentication