3.4. Data model and routing (MVP)

Routing in the MVP is designed to be explicit and predictable.

Each message record links a sender wallet to a recipient wallet, along with the encrypted payload and a timestamp. This makes message delivery straightforward and reliable, and it keeps the system easy to reason about in early stages.

The trade-off is that the backend can see communication relationships and timing. That metadata exists to support a usable product and is not hidden in the MVP.

What matters is that this metadata exposure does not weaken the core guarantee: even with full access to routing data and stored payloads, the backend cannot reconstruct message content.

This routing model is a conscious starting point. It prioritizes clarity and stability over more complex delivery schemes that would make the first version harder to audit and operate.