PRIVATE.ME PLATFORM

xArchive: Long-Term Physical PII Archive

Separate sensitive PII from documents using multi-layer redaction, then vault the entity map as physical QR shares that survive decades -- while the redacted document stays safely digital.

Physical-Digital COMING SOON XorIDA Powered Double XorIDA

Section 01

The Problem

PII in digital archives is a permanent breach target. Physical paper records degrade. No existing solution separates sensitive data from non-sensitive with guaranteed recoverability across decades.

Healthcare organizations must retain patient records for 30 years or more under HIPAA. Government census data, legal discovery archives, and insurance claim histories all carry similar long-horizon retention mandates. Every year those records sit in a digital archive, they accumulate breach risk.

Traditional approaches force a binary choice: keep full PII online (and accept breach exposure) or redact permanently (and lose the data forever). Neither option satisfies compliance requirements that demand both privacy protection and future recoverability.

The Old Way

Section 02

The PRIVATE.ME Solution

L1-L3 redaction strips all PII from the document. The entity map -- the key to restoring the original -- is vaulted via Double XorIDA into QR shares printed on archival paper. The redacted document is stored digitally, safe to breach.

xArchive creates a physical-digital separation: the redacted document lives in any digital archive (cloud, on-premise, tape) with zero breach risk because it contains no PII. The entity map that links redacted tokens back to real identities exists only as physical QR codes distributed across separate locations.

Double XorIDA provides both secrecy and fault tolerance. Any K-of-N QR shares reconstruct the entity map; fewer than K reveals nothing. Archival-grade paper and UV-stable ink ensure 50+ year durability.

The New Way

Section 03

How It Works

Three-stage pipeline: redact, vault, archive. Each stage is independently auditable and the redacted output is safe to store anywhere.

Key Security Properties

Information-theoretic secrecy: Fewer than K shares reveal zero information about the entity map -- not computationally hard, mathematically impossible.
Fault tolerance: Double XorIDA means any K-of-N shares reconstruct, surviving loss of up to N-K locations.
Physical durability: Archival paper + UV-stable ink rated for 50+ year retention. No digital decay, no bit-rot.

Section 04

Use Cases

🏥

Healthcare

30-Year HIPAA Retention

Patient records redacted in place. Entity maps vaulted as QR shares in separate hospital safe deposit boxes. Decades of compliance without breach exposure.

HIPAA / HITECH

🏛

Government

Census Archive Protection

Census PII separated from statistical data. QR shares distributed across federal vaults. Demographic analysis continues without identity exposure.

NARA / FISMA

⚖

Legal

Discovery Protection

Privileged PII redacted before document production. Entity maps held by counsel. Reconstruction only when court orders compel full disclosure.

FRCP Rule 26

📋

Insurance

Long-Term Claims Records

Policyholder PII vaulted physically. Claims data analyzed digitally without identity risk. Actuarial work continues on redacted datasets.

SOC 2 / GDPR

Section 05

Integration

Quick Start

import { archivePII, reconstructEntities } from '@private.me/xarchive';

// Redact PII and vault entity map as QR shares
const result = await archivePII(documentBuffer, {
  n: 3,        // total shares
  k: 2,        // threshold to reconstruct
  format: 'qr-archival',
});

// result.redactedDoc  -- safe to store digitally
// result.qrShares     -- print on archival paper

// Later: scan K shares to reconstruct
const entities = await reconstructEntities(scannedShares);

archivePII(document: Buffer, config: { n: number, k: number }): Promise<ArchiveResult>

Redacts PII using L1-L3 pipeline, generates entity map, splits via Double XorIDA into N QR-printable shares requiring K to reconstruct. Returns redacted document and QR share images.

reconstructEntities(shares: QRShare[]): Promise<EntityMap>

Accepts K or more scanned QR shares, verifies HMAC integrity on each, reconstructs the entity map via Double XorIDA, and returns the full PII mapping for document restoration.

Section 06

Security Properties

Property	Mechanism	Guarantee
PII Separation	L1-L3 multi-layer redaction	Zero PII in digital archive
Entity Map Secrecy	Double XorIDA (GF(2))	Information-theoretic; <K shares = zero leakage
Fault Tolerance	K-of-N threshold	Survives loss of N-K locations
Integrity	HMAC-SHA256 per share	Tamper detection before reconstruction
Durability	Archival paper + UV ink	50+ year physical retention

PII in digital store

50+

Year durability

2.0x

Storage overhead

<1ms

Typical payload

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xArchive?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xArchive generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xarchive
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xArchive is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →