xCleared: Zero-Trust Classified Info Sharing

Section 01

The Problem

Classified information sharing between intelligence agencies and cleared contractors requires trust in individual clearance holders, but insider threats remain the top intelligence community risk.

The DNI’s March 2026 mandate for zero-trust classified sharing reflects decades of insider threat incidents. A single cleared individual with access to classified data can exfiltrate entire programs.

Current compartmentalization relies on access controls that privileged insiders can bypass. Need-to-know is a policy, not a cryptographic guarantee. SCI markings don’t prevent copying.

The Old Way

Section 02

The PRIVATE.ME Solution

xCleared uses XorIDA threshold authorization where classified documents are split so that K-of-N clearance holders must cooperate to access them. No single individual holds enough data to reconstruct any classified document.

Classified documents are XorIDA-split across independent secure compartments. Reconstruction requires threshold cooperation of K clearance holders, each authenticated via DID identity and authorized via xLock push-auth.

Every reconstruction is HMAC-logged with clearance verification, purpose, and timestamp. The audit trail is itself XorIDA-split to prevent log tampering by insiders.

The New Way

Section 03

How It Works

xCleared combines XorIDA classified document splitting with DID-authenticated clearance verification and threshold-authorized reconstruction.

Key Security Properties

Classified documents are XorIDA-split. No single clearance holder sees complete documents. Reconstruction requires K-of-N cooperation. Audit trails are themselves XorIDA-split against insider tampering.

Section 04

Use Cases

🛡️

Intelligence

IC Information Sharing

Threshold-controlled classified info sharing across intelligence agencies.

IC

🏛️

Defense

DoD Classified Access

Zero-trust classified document access with multi-party reconstruction.

DoD

🔒

Security

Insider Threat Defense

Cryptographic enforcement of need-to-know via threshold splitting.

Insider

📋

Compliance

Audit Trail Protection

XorIDA-split audit trails preventing insider log tampering.

Audit

Section 05

Integration

Quick Start

import { ClassifiedVault } from '@private.me/classifiedsplit';

const vault = await ClassifiedVault.create({
  classification: 'TS/SCI',
  compartments: [compA, compB, compC],
  threshold: { k: 2, n: 3 }
});

ClassifiedVault.create(opts): Promise<Result<ClassifiedVault, ClassError>>

Creates a threshold-controlled classified document vault with DID-authenticated clearance verification and multi-party reconstruction.

Section 06

Security Properties

Property	Mechanism	Guarantee
Documents	XorIDA K-of-N split	✓ Information-theoretic
Clearance	DID + xLock verify	✓ Per-reconstruction check
Audit	XorIDA-split logs	✓ Insider-tamper-proof
Authorization	Threshold K-of-N	✓ Multi-party required

$18.4B

Classified IT TAM

K-of-N

Threshold access

Zero

Trust

Section 07

Benchmarks

Performance characteristics measured on Node.js 22, Apple M2. xCleared enables classified document sharing with sub-10ms cryptographic overhead — network delivery dominates total latency.

<1ms

Doc Split

~5ms

Secure Delivery

<0.1ms

Clearance Check

0 bits

Per-share Exposure

Operation	Time	Notes
XorIDA split 1 KB document	~58µs	2-of-2 threshold split over GF(2)
XorIDA split 10 KB document	~0.5ms	Typical classified memo
XorIDA split 100 KB document	~5ms	Report with embedded graphics
HMAC-SHA256 tag per share	<0.1ms	Integrity verification
Clearance level validation	<0.1ms	DID + clearance level lookup
xLink secure delivery	~5ms	Split-channel V3 with PQ KEM
Reconstruct from shares	~58µs–5ms	Size-dependent: HMAC verify + XOR
Audit log entry	<0.5ms	HMAC-chained access record

Classified Sharing Architecture Comparison

Property	SIPRNet	S/MIME	Cross-Domain Solution	xCleared
Network required	Dedicated classified network	Any network	Hardware appliance	Any network
Setup cost	$100K+ per site	PKI certificates	$500K+ appliance	npm install
Key management	NSA-managed	PKI hierarchy	HSM required	No keys (IT-secure)
Quantum resistance	NSA Suite A	RSA/ECC	Hardware-dependent	Information-theoretic
Audit capability	Classified logs	Email headers	Device logs	HMAC-chained + xProve

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xCleared generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Section 08

Honest Limitations

Five known limitations documented transparently. xCleared provides cryptographic infrastructure for classified sharing, not a replacement for accredited systems.

Limitation	Impact	Mitigation
Not a certified Cross-Domain Solution	xCleared has not undergone NSA/NIAP evaluation for cross-domain data transfer. It cannot be used as the sole CDS for classified-to-unclassified transfers without additional accreditation.	xCleared is designed to operate within an existing security architecture, not replace it. The cryptographic layer adds defense-in-depth to accredited systems. Certification pursuit is planned.
Requires authenticated endpoints	Both sender and recipient must have xLink-authenticated DID identities. Anonymous or ad-hoc sharing is not supported.	DID-based identity is intentional — classified sharing requires strong authentication. xID provides identity infrastructure with ephemeral presentations for unlinkability.
No classification label enforcement	xCleared verifies clearance levels but does not enforce or propagate classification labels (UNCLASSIFIED, SECRET, TOP SECRET) at the document metadata level.	Classification labeling is a policy function handled by the document management system. xCleared provides the cryptographic transport layer; policy enforcement sits above it.
Offline recipient cannot receive	Recipients must be online to receive xLink-delivered shares. Classified documents cannot be pre-staged for offline recipients.	xStore can pre-stage encrypted shares for later retrieval. The recipient authenticates and retrieves shares when connectivity is available. TTL controls ensure time-bounded access.
US-centric compliance mapping	Current compliance documentation maps to US frameworks (NIST 800-53, FedRAMP, CMMC). International frameworks (NATO, EU, Five Eyes) require separate analysis.	The cryptographic properties (IT-secure, no keys, quantum-proof) are jurisdiction-agnostic. Compliance mapping for international frameworks is planned. The underlying technology works regardless of regulatory context.

VERIFIED BY XPROVE

Cryptographic Proof of Correctness

This ACI's computations can be cryptographically verified by xProve — so regulators, auditors, and counterparties can confirm results without re-running the computation or accessing the underlying data.

XPROVE INTEGRATION

Tier 1: HMAC audit trail — always on, ~1.3x overhead.
Tier 2: Commit-and-reveal — anti-equivocation for Beaver triples.
Tier 3: IT-MACs — malicious-security detection between parties.
Tier 4: KKW zero-knowledge proofs — publicly verifiable, ~50 KB, post-quantum.

Read the xProve white paper →

GET STARTED

Ready to deploy xCleared?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo