Loading...
private.me Docs
Sign out Get Platform Architecture
PRIVATE.ME · Platform Architecture

19 Building Blocks. 205 ACIs.

Every product is a combination of proven cryptographic primitives. No new science. Just new combinations. Every ACI verified by xProve.

~1,116 patent claims filed 6,461+ tests 205 ACIs 7 crypto primitives 12 protocol primitives
01 — Foundation

The 19 Building Blocks

One crypto building block (containing 7 primitives) and 18 protocol building blocks. Every product in the PRIVATE.ME platform is assembled from combinations of these blocks.

Cryptographic Primitives

🔩
XorIDA
XorIDA threshold split over GF(2). Sub-millisecond for typical payloads. Information-theoretic security.
Used by 56/56 products
🔒
HMAC-SHA256
Integrity verification before reconstruction. Always verified first.
Used by 56/56 products
PKCS#7 Padding
Block alignment for XorIDA matrix operations. Deterministic pad/unpad.
Used by 56/56 products
🔐
AES-256-GCM
Authenticated encryption for envelopes and at-rest storage. Web Crypto API.
Used by 41/56 products
Ed25519
Digital signatures for identity attestation and message signing.
Used by 38/56 products
🤝
X25519
Ephemeral ECDH key agreement for forward-secret channels.
Used by 28/56 products
🔃
Double XorIDA
Two-pass GF(2) composition. Pass 1 security (K₁-of-N₁) + Pass 2 erasure (K₂=N₁). 2.0× overhead.
Used by 8/56 products

Protocol Primitives

📇
DID:key
Decentralized identifiers from Ed25519 public keys. Self-sovereign identity.
Used by 39/56 products
Envelope v1
AES-256-GCM encrypt-then-sign container. Share metadata fields for split-channel.
Used by 41/56 products
NonceStore
Replay protection with timestamp windows. Memory or Redis-backed.
Used by 37/56 products
🏛
TrustRegistry
DID resolution and agent discovery. Memory, HTTP, or DID:web backends.
Used by 31/56 products
🛡
Redact Pipeline
L1 Regex → L2 Schema → L3 NER → L4 LLM. PII detection and replacement.
Used by 5/56 products
🗄
Entity Vault
XorIDA-protected entity map storage. Serialize → pad → HMAC → split.
Used by 5/56 products
🔑
OAuth 2.0 + PKCE
Provider authentication for Gmail, Outlook, Yahoo. Server-side PKCE store.
Used by 6/56 products
📦
TLV Encoding
Type-Length-Value binary serialization for share metadata transport.
Used by 22/56 products
Result<T,E>
Typed error handling. ok()/err() pattern. No thrown exceptions in library code.
Used by 56/56 products
📝
Audit Chain
HMAC-chained append-only event log. Tamper-evident operation history.
Used by 21/56 products
xProve
4-tier verifiable computation. HMAC audit → commit-reveal → IT-MAC → KKW zero-knowledge proofs.
Verifies all 205 ACIs
📱
Xecret QR Output
XorIDA shares → Base45 → QR codes on paper. Magic number 123456789. Patent 17/395,661.
Used by 8/56 products
Key Insight
XorIDA + HMAC + PKCS#7 + Result<T,E> are universal — present in every single product. The remaining 14 primitives are combined selectively based on each product's security requirements.
02 — Assembly

How Products Are Built

Every product is a combination of building blocks. We group them by complexity into four tiers based on how many primitives beyond the universal core they require.

9
Group A
10
Group B
4
Group C
31
Group D
Complexity Tiers
Group A (Threshold Split) — Core trio only: XorIDA + HMAC + PKCS#7. Pure data protection.
Group B (Identity + Signing) — Adds Ed25519, DID:key, nonce protection, audit chains.
Group C (Redaction + Inference) — Adds PII redaction pipeline and entity vault.
Group D (Multi-Primitive) — Combines 5+ primitives for complex workflows.
UNIVERSAL: XorIDA + HMAC-SHA256 + PKCS#7 + Result<T,E> GROUP A: 3 primitives GROUP B: +4 primitives GROUP C: +2 primitives GROUP D: 5+ total 9 Products 10 Products 4 Products 31 Products PRODUCTS BUILT ON LAYERED PRIMITIVES
03 — Group A

Threshold Split

GROUP A · 9 PRODUCTS

Pure data protection using only the core trio. Input data is serialized, padded, integrity-tagged, and split into K-of-N shares. No identity layer, no encryption envelope — the split itself is the security.

Input Serialize Pad HMAC XorIDA Share 1 Share K ... K-of-N Recon Verify
xBackupbackup
$130.5B TAM
Ransomware-proof multi-cloud backup streaming
xSensescradasplit
$68.6B TAM
ICS/SCADA sensor data integrity
xSimGuardidentitysplit
$66.5B TAM
SIM swap and identity protection
xPrintbiometricvault
$63.8B TAM
Biometric template protection
xBlackBoxflightsplit
$34.8B TAM
Aviation black box data protection
xDosepharmasplit
$31.9B TAM
Pharmaceutical formula protection
xPasspasssplit
$11.7B TAM
Password vault with split storage
xSealsealedreveal
$8.1B TAM
Time-locked sealed bid auctions
xTipsourcesplit
$6.7B TAM
Journalist source protection
04 — Group B

Identity + Signing

GROUP B · 10 PRODUCTS

Adds Ed25519 signatures, DID:key identifiers, nonce-based replay protection, and HMAC-chained audit trails on top of the Group A pipeline. Every message is authenticated and every operation is logged.

Input Pad HMAC XorIDA Ed25519 DID:key Envelope Nonce Audit Transport Verify GROUP A CORE + IDENTITY LAYER REPLAY PROTECTION + AUDIT CHAIN
xLinkagent-sdk
$2,900B TAM
Authenticated machine-to-machine messaging
xPatchotadelivery
$186.2B TAM
IoT firmware split-delivery
xAuditauditlog
$52.2B TAM
HMAC-chained distributed audit logs
xSignauthorize
$47.5B TAM
Cryptographic k-of-N threshold authorization
xBeamsattelemetry
$41.6B TAM
Satellite telemetry protection
xScanimagesplit
$31.9B TAM
Medical imaging split protection
xFeedoraclesplit
$17.8B TAM
Blockchain oracle data integrity
xHoldforensiccustody
$15.7B TAM
Digital evidence chain of custody
xAuthenticprovenancesplit
$12.3B TAM
Media provenance and deepfake detection
xIngestsecureingest
$9.5B TAM
Secure multi-org data ingestion
05 — Group C

Redaction + Inference

GROUP C · 4 PRODUCTS

Adds the PII redaction pipeline and entity vault to the Group A/B stack. Data is redacted before leaving the trust boundary, processed by an external model, then reinjected with original entities on return.

Input L1 Regex L2 Schema L3 NER L4 LLM Redacted Entity Map (Vault) LLM API Reinject Output REDACTION PIPELINE Entity map protected at rest via XorIDA vault
xRedactinference + redact
$128.6B TAM
Privacy-preserving AI — PII redaction + split-channel inference
xOrigintrainingguard
$35.6B TAM
AI training data provenance
xSentinelmodelguard
$29.4B TAM
AI model weight integrity verification
xFederatefedlearn
$28.4B TAM
Federated learning gradient privacy
06 — Group D

Multi-Primitive

GROUP D · 31 PRODUCTS

These products combine five or more primitives for complex workflows — encrypted envelopes, key agreement, TLV encoding, trust registries, and more. Each picks exactly the building blocks it needs.

Product picks & combines XorIDA AES-256 Ed25519 X25519 DID:key Envelope Nonce TrustReg TLV Audit

The top 8 Group D products by TAM:

xLinkagent-sdk
$240B TAM
M2M identity and authentication without credentials
xClaimclaimsplit
$1,900B TAM
Insurance claims privacy
xZonesovereignsplit
$448.5B TAM
Cross-border data sovereignty
xBridge-PQquantumchannel
$109.8B TAM
Post-quantum key distribution bridge
Xreachadsplit
$109.5B TAM
Privacy-preserving ad attribution
xVaultDBvaultdb
$98B TAM
Encrypted database with row-level split
xGenegenomicshare
$84.9B TAM
Cross-border genomic data sharing
Xgridteefree
$79.2B TAM
Confidential computing without TEEs

Plus 23 more: xKey, xCredit, xWill, xVote, xBlind, xPulse, xSpecimen, xNuke, xDNSGuard, xCross, xRecord, VaultDrop, Xecret, Xail (email), xRescue, xRite, xWarden, xArchive, xRecall, xDrop, xAirGap, xArmor, and the per-event products.

07 — Coverage Map

The Dot Matrix

Every product mapped against all 18 building blocks. Green dot = uses that primitive. Sorted by TAM within each group.

Product XorIDA HMAC PKCS7 AES Ed25519 X25519 DID Env Nonce Trust Redact Vault OAuth TLV Result Audit Xecret DblXor
Group A — Threshold Split (9 products)
xBackup · $130.5B
xSense · $68.6B
xSimGuard · $66.5B
xPrint · $63.8B
xBlackBox · $34.8B
xDose · $31.9B
xPass · $11.7B
xSeal · $8.1B
xTip · $6.7B
Group B — Identity + Signing (10 products)
xLink · $2,900B
xPatch · $186.2B
xAudit · $52.2B
xSign · $47.5B
xBeam · $41.6B
xScan · $31.9B
xFeed · $17.8B
xHold · $15.7B
xAuthentic · $12.3B
xIngest · $9.5B
Group C — Redaction + Inference (4 products)
xRedact · $128.6B
xOrigin · $35.6B
xSentinel · $29.4B
xFederate · $28.4B
Group D — Multi-Primitive (31 products)
xClaim · $1,900B
xZone · $448.5B
xBridge-PQ · $109.8B
Xreach · $109.5B
xVaultDB · $98B
xGene · $84.9B
Xgrid · $79.2B
xKey · $41.7B
xCredit · $44.1B
xWill · per-event
xVote · per-event
xBlind · per-event
xPulse · per-event
xSpecimen · per-event
xNuke · per-event
xDNSGuard · per-event
xCross · $23.9B
xRecord · $14.3B
VaultDrop
Xecret
Xail (email)
Xail (enterprise)
Group E — Physical-Digital (8 products)
xRescue
xRite
xWarden
xArchive
xRecall
xDrop
xAirGap
xArmor
Reading the Matrix
Dense green rows indicate complex multi-primitive products. Sparse rows are pure threshold-split products. The universal columns (XorIDA, HMAC, PKCS#7, Result) are green across every row. The Xecret and DblXor columns light up exclusively for physical-digital and HTTPS products — the platform's foundation is consistent.
08 — Verification Layer

Every ACI, Verified by xProve

xProve is a horizontal verification layer that spans every product group. Every XorIDA operation produces HMAC-verified shares. xProve turns those HMACs into an audit chain — and for xCompute ACIs, adds progressively stronger guarantees up to public zero-knowledge proofs.

Group A Threshold Split Group B Identity + Signing Group C Redaction Group D Multi-Primitive XPROVE VERIFICATION LAYER T1 HMAC Chain • T2 Commit-Reveal • T3 IT-MAC • T4 KKW Zero-Knowledge XCOMPUTE — MPC on Shares XOR-homomorphic computation + Beaver triples XORIDA — Threshold Sharing + HMAC-SHA256
Cross-ACI Verification
Every ACI produces HMAC audit trails (T1) automatically. For the 8 xCompute ACIs — xClaim, xCredit, xVote, xBlind, xCleared, xAudit, xWash, and Xreach — xProve adds T2–T4 verification up to publicly verifiable KKW zero-knowledge proofs (~50 KB, post-quantum). Read the xProve white paper →
205
ACIs verified
4
Proof tiers
~50 KB
KKW proof
GF(2)
Native field
08 — Intellectual Property

Patent Coverage

All 18 building blocks are covered by patent applications 1–4 plus the Xecret patent (17/395,661). No gaps in the primitives. The portfolio's 283+ claims protect every layer of the platform.

App 1 · 77 claims Split-Channel Email App 2 · 26 claims Agent-to-Agent M2M App 3 · 23 claims Authentication App 4 · 80 claims Hardware Threshold CRYPTO PRIMITIVES XorIDA HMAC PKCS#7 AES-256 Ed25519 X25519 DblXor PROTOCOL PRIMITIVES DID Envelope Nonce Trust Redact Vault OAuth TLV Result Audit Xecret ALL 18 BUILDING BLOCKS COVERED · 283+ CLAIMS · 5 PATENT FILINGS
Application 1
Split-Channel Email (H2H)
77 claims · Filed
XorIDA HMAC PKCS#7 AES-256 TLV OAuth Audit
Application 2
Agent-to-Agent (M2M)
26 claims · Filed
Ed25519 X25519 DID:key Envelope Nonce TrustReg
Application 3
Authentication
23 claims · Filed Mar 2026
Ed25519 DID:key Nonce Result
Application 4
Hardware Threshold
80 claims · Pending
XorIDA AES-256 DblXor Redact Vault TLV Audit
Patent 17/395,661
Xecret Physical QR Output
Filed · Granted
XorIDA HMAC DblXor Xecret
Known Gap
Computation-on-shares (split → compute without reconstruction → result) is not claimed in any application. This affects xClaim ($1,900B), Xreach ($109.5B), xCredit ($44.1B), and xFederate ($28.4B) — a combined $2,082B TAM (31% of portfolio). Recommended for a future filing.
PRIVATE.ME · PLATFORM ARCHITECTURE

StandardClouds Inc. dba PRIVATE.ME — Confidential. For internal use and approved partners only.

19 building blocks · 205 ACIs · ~1,116 patent claims filed · 6,461+ tests · xProve verified