# Application Contexts

A Verida account can connect to multiple applications. These connections are called application `contexts`.

<figure><img src="/files/75pnd9JJw4964OUtimUc" alt=""><figcaption></figcaption></figure>

An application `context` has a unique name (ie: `Verida: Markdown Editor`) and provides a specific set of capabilities:

* Database storage
* Messaging
* Block storage
* Notifications

These applications `contexts` are accessed by applications via the [Client SDK](/protocol/client-sdk.md).

Application contexts are siloed from each other. A Verida account connected to one application context has no access to data in a different application context. This ensures a web application can only access data for it’s own application and not be provided with an account’s private key.

## Security <a href="#security" id="security"></a>

An application `context` is “unlocked” by a Verida account signing a consent message. The signature is unique for a given `DID` and `context` name. The signature is used as entropy to create a deterministic set of encryption keys:

* **Symmetric encryption key** — for encrypting private data
* **Asymmetric encryption key** — for encrypting data for other users and applications
* **Signing key** — for signing data

These `context` encryption keys can only be generated from the consent signature generated by the account when logging into an application. The signature is used as a seed to create a [Hierarchical Deterministic Wallet](https://www.investopedia.com/terms/h/hd-wallet-hierarchical-deterministic-wallet.asp), which in turn, is used to generate multiple child keys.

## Discoverability <a href="#discoverability" id="discoverability"></a>

When a new application `context` is created, metadata about the account and the `context` is published to the account’s DID document on the `Verida DID server`. This information includes:

* The (asymmetric and signing) public keys
* Database endpoint
* Messaging endpoint
* Block storage endpoint
* Notification endpoint

This allows other users and applications in the Verida network to discover information per context:

* The endpoint used to communicate with an account
* Encrypt data for an account using it’s public asymmetric key
* Verify data signed by an account using it’s public signing key

Through this approach, user’s have complete control over where their personal data is stored.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://developers.verida.network/protocol/concepts/application-contexts.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.