Operating Environment

Web App — React/Next.js
Mobile iOS/Android Apps — Device-bound identity, hardware-backed keys, biometric gated access
Backend — Node.js/FastAPI (verification and coordination only; not a data owner)
Distributed Content Storage — Private IPFS cluster or encrypted object storage with hash addressing
Cloud hosting — AWS
Databases — PostgreSQL, Redis, Elasticsearch (operational data only; no sensitive personal content)

Design & Implementation Constraints

Strong privacy requirements
Shariah-compliance validation
Global accessibility
Secure cryptographic storage