Stop fraudsters your peers already caught.
trustdb is a private signal-sharing network for trust & safety teams. Members hash an email or phone locally with the network's fixed PBKDF2 salt and check it against a synced 4-byte prefix database — Safe Browsing-style.
Raw identifiers never leave your servers. trustdb itself only ever sees a 4-byte prefix, and only on a probable hit.
Modeled on Safe Browsing.
A two-step lookup that keeps the common case offline and reveals almost nothing on the rare case it doesn't.
- 01 client-side
Hash locally
Your server computes PBKDF2-SHA256 of the identifier with the network's published salt. The raw email or phone never leaves your infrastructure.
    h = pbkdf2(email, salt)
- 02 offline
Check the local prefix DB
You keep a synced set of every reported hash truncated to 4 bytes. Lookup is an offline set membership test — no network call on the common no-match path.
    prefix = h[:4]
    if prefix in local_db:
- 03 1 request
Confirm with trustdb
On a prefix hit, fetch all full hashes sharing that prefix from trustdb and compare client-side. trustdb only ever sees a 4-byte value that collides across many real identifiers.
    full = trustdb.lookup(prefix)
    if h in full:
- 04 your call
Act on a confirmed match
A real full-hash match returns the metadata that other members reported — severity, category, timestamp — for your team to enforce policy on.
    report = full[h]
    block(user, report)
On the no-match path, trustdb learns nothing. On the rare hit path, it learns a 4-byte value shared by tens of thousands of unrelated identifiers.
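The four steps above, run end to end, as an added example (not trustdb's own client code). It uses the parameters listed on this page (PBKDF2-SHA256, salt trustdb-network-v1, 100,000 iterations, 256-bit output); the FakeTrustdb class, the check function and the trim-and-lowercase normalization are assumptions made for illustration.

```python
import hashlib

# Parameters as published on the page.
SALT = b"trustdb-network-v1"
ITERATIONS = 100_000
PREFIX_LEN = 4  # bytes


def hash_identifier(identifier: str) -> bytes:
    # Assumption: trim and lowercase first; the page defines no normalization.
    norm = identifier.strip().lower().encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", norm, SALT, ITERATIONS, dklen=32)


class FakeTrustdb:
    """Hypothetical in-memory stand-in for the trustdb service."""

    def __init__(self):
        self.reports = {}  # full hash -> metadata reported by members
        self.seen = []     # every value the service receives on lookups

    def report(self, full_hash: bytes, metadata: dict) -> None:
        self.reports[full_hash] = metadata

    def prefix_db(self) -> set:
        # What members sync: each reported hash truncated to 4 bytes.
        return {h[:PREFIX_LEN] for h in self.reports}

    def lookup(self, prefix: bytes) -> dict:
        self.seen.append(prefix)
        return {h: m for h, m in self.reports.items() if h.startswith(prefix)}


def check(identifier: str, local_db: set, service: FakeTrustdb):
    """Return the report on a confirmed full-hash match, else None."""
    h = hash_identifier(identifier)
    prefix = h[:PREFIX_LEN]
    if prefix not in local_db:     # step 02: offline, nothing is sent
        return None
    full = service.lookup(prefix)  # step 03: only the 4-byte prefix is sent
    return full.get(h)             # a prefix-only collision yields None


if __name__ == "__main__":
    svc = FakeTrustdb()
    # Constructed sample data, not real reports.
    svc.report(hash_identifier("banned.seller@example.com"), {"severity": "high"})
    local = svc.prefix_db()
    print(check("Banned.Seller@example.com", local, svc), svc.seen)
    print(check("new.user@example.com", local, svc), svc.seen)
```

The `seen` list records exactly what the stand-in service receives, so it stays empty until a lookup hits the local prefix set.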
Hash in your browser.
The widget on the right runs PBKDF2-SHA256 entirely client-side via the Web Crypto API. Nothing is sent anywhere — open the network tab and check.
- algorithm: PBKDF2-SHA256
- salt: trustdb-network-v1
- iterations: 100,000
- output: 256-bit hex
Runs on Web Crypto. trustdb never sees your input. In the real protocol, only the highlighted prefix is transmitted — and only when it matches your local database.
Built for the teams fighting the same fights.
trustdb is invite-only and built around clusters of operators who keep seeing the same actors. If you run a trust & safety function on any of these surfaces, you should be in.
- 01
Marketplaces
Catch sellers re-listing after a ban from a peer marketplace.
- 02
Fintech onboarding
Surface accounts your peers have already flagged for fraud or chargeback abuse.
- 03
P2P platforms
Stop scammers cycling between rideshare, rentals, and resale sites.
- 04
Dating & social
Block romance-scam operators across services without sharing user data.
- 05
SaaS abuse prevention
Identify trial-abuse rings and credit-card cyclers before they sign up.
- 06
Crypto onramps
Augment KYC with peer-reported risk signals on hashed identifiers.
Privacy is the product.
Five things we will never compromise on. They are encoded into the protocol — not into a policy document.
- I.
Hashes only
Identifiers are run through PBKDF2-SHA256 with the network's published salt. trustdb stores nothing else.
- II.
Local-first lookups
Members sync a 4-byte-prefix database and query trustdb only on probable hits. The common case is fully offline.
- III.
Prefix collisions are the point
On a probable hit, trustdb only sees a 4-byte value that collides across many real identifiers. It cannot tell which one you checked.
- IV.
Members own their reports
Each member controls the reports they contribute and can revoke them at any time. No central editorial layer.
- V.
GDPR-compatible by design
No raw PII is transmitted to or stored on trustdb infrastructure. The protocol is designed for legal teams to sign off on.
Request access.
trustdb is invite-only. Tell us a little about your team and the surface you're protecting. We reply by email — usually within a few working days.