Most platforms treat login and ownership as the same thing. You log in, you get your stuff. Lose access to your account, lose your stuff. That's fine for social media. It's catastrophic for money.
nimimo splits what other platforms bundle together. Four distinct layers — Access, Identity, Ownership, Recovery — each operating independently. Understanding this separation is understanding why nimimo works the way it does.
Layer 1: Access
Access is how you log in — email or Google. It proves you're a returning user. It opens the door to the nimimo interface. But Access alone gives you nothing. It doesn't create a wallet. It doesn't grant control over funds. If you log in on a new device, you see an empty state until you create something new or restore something you already have.
This is deliberate. If Access equaled Ownership, a compromised email would mean compromised funds. In nimimo, a compromised email means someone can see your public handle. That's it.
Layer 2: Identity
Your Identity is your human-readable handle — @lucky-mountain. It's the public face of your crypto presence. It maps to your addresses on Bitcoin, Ethereum, and Solana. It's what people see when they visit your profile.
Identity lives on the server because it's a namespace — two people can't both be @lucky-mountain. But the server's role is strictly a directory: given a name, return the associated public addresses. No keys, no signing authority, no control.
Layer 3: Ownership
Ownership is the core — your wallet, encrypted and stored on your device. It's generated locally, locked with your device's unique key, and never transmitted anywhere. The server doesn't have it. nimimo the company doesn't have it. No one has it except the device where it was created.
Ownership is what lets you send transactions. It's what holds your keys. It's the only layer that touches real money. And it exists entirely outside nimimo's infrastructure.
Layer 4: Recovery
Recovery is the bridge between losing a device and keeping your funds. It's a printed or saved PDF — your wallet re-encrypted with a PIN, encoded as a QR code. Recovery is portable, offline, and independent of both Access and Identity.
You don't need to be logged in to restore. You don't even need internet during the decryption step. The recovery card contains everything needed to rebuild your wallet on a new device. It just needs your PIN.
Why separation matters
Each layer can fail independently without bringing down the others. Lose Access? Your wallet is still on your device. Lose your device? Recovery restores it. Someone guesses your handle? They can't sign transactions without your wallet. Forget your recovery PIN? Your device still has the wallet.
No single point of failure. No single thing to protect. No single entity to trust. That's what layered security actually means.