Why off-chain at all?
Blockchains are not designed to store large files. Attachments like reports, images, or PDFs would make transactions unnecessarily expensive and slow. Off-chain storage separates the file storage (the attachment) from the integrity reference (hash/anchor).
On-chain vs. off-chain—keep it clean
On-chain typically holds only a technical proof (e.g., a hash/reference) for later consistency checks. The actual file lives off-chain in a storage that fits your setup. This keeps the audit path traceable without treating the blockchain like a file system.
How does linking work?
A cryptographic checksum (hash) is derived from a file or dataset. That checksum can be stored together with a reference (e.g., file ID, storage URI, or version) and—depending on configuration—anchored. Later, you can verify: if file/dataset and hash match, integrity is consistent.
Which storage options are possible?
Depending on requirements, off-chain storage can be implemented via object storage, internal systems, DMS/ERP references, or decentralized storage (e.g., IPFS/Arweave)—based on availability, governance, and cost. What matters is not the storage label, but clear referencing and a verifiable audit path.
Access & protection (without empty promises)
Off-chain storage enables controlled access (e.g., roles/permissions) and can—depending on setup—use additional safeguards (e.g., encryption, signatures, timestamps, versioning). Important: integrity (hash/anchor) and confidentiality (access/encryption) are different goals and should be handled separately.
Key takeaways
- Off-chain stores files; on-chain typically stores only hashes/references.
- Large attachments stay practical while integrity remains verifiable.
- Storage is flexible (object storage, DMS, IPFS, etc.)—the audit path is what matters.
- Confidentiality comes from access control and optional additional safeguards.
Whitepaper: /en/whitepaper
Security & Privacy: /en/security
Blog: /en/blog