xCleared: Zero-Trust Classified Info Sharing
Threshold-authorized classified information sharing for IC and DoD communities. K-of-N clearance holders must cooperate to reconstruct sensitive intelligence.
Fast Onboarding: 3 Acceleration Levels
Traditional classified information sharing requires manual PKI setup, security officer coordination, and multi-week clearance verification. Xcleared collapses this to 15 seconds with zero-click accept, 90 seconds with one-line CLI, and 10 minutes with deploy buttons.
// .env file XCLEARED_INVITE_CODE=XCL-abc123 // Auto-accept on first use import { createClassifiedDataManager } from '@private.me/xcleared'; const manager = createClassifiedDataManager(); const result = await manager.classify(data, { classification: 'TS', threshold: 2, requiredClearances: ['TS', 'TS'] }); // ✅ Invite auto-accepted, data classified
.env, classifies first data.# Install and initialize npx @private.me/xcleared init # Output: # ✅ Clearance DID generated # ✅ Saved to .env # ✅ Clearance registry configured # Ready to classify data # Classify your first data npx @private.me/xcleared classify \ --input ./intel-report.txt \ --classification TS \ --threshold 2 \ --clearances TS,TS
- Clearance verification service
- W3C Verifiable Credentials
- Share storage (encrypted at rest)
- Security officer dashboard
- Audit exports
Each clearance holder who receives a share becomes a potential inviter. The 15-second zero-click onboarding removes friction for expanding the cleared network. Traditional PKI-based classified sharing requires weeks of security officer coordination — Xcleared collapses this to seconds via invite codes.
Example: Analyst at NSA classifies intel → shares with DIA analyst → DIA analyst auto-accepts invite via env var → now both can classify/share within their networks. Network effect compounds exponentially.
The Problem
Classified information sharing between intelligence agencies and cleared contractors requires trust in individual clearance holders, but insider threats remain the top intelligence community risk.
The DNI’s March 2026 mandate for zero-trust classified sharing reflects decades of insider threat incidents. A single cleared individual with access to classified data can exfiltrate entire programs.
Current compartmentalization relies on access controls that privileged insiders can bypass. Need-to-know is a policy, not a cryptographic guarantee. SCI markings don’t prevent copying.
The Old Way
The PRIVATE.ME Solution
xCleared uses XorIDA threshold authorization where classified documents are split so that K-of-N clearance holders must cooperate to access them. No single individual holds enough data to reconstruct any classified document.
Classified documents are XorIDA-split across independent secure compartments. Reconstruction requires threshold cooperation of K clearance holders, each authenticated via DID identity and authorized via xLock push-auth.
Every reconstruction is HMAC-logged with clearance verification, purpose, and timestamp. The audit trail is itself XorIDA-split to prevent log tampering by insiders.
The New Way
How It Works
xCleared combines XorIDA classified document splitting with DID-authenticated clearance verification and threshold-authorized reconstruction.
Use Cases
Threshold-controlled classified info sharing across intelligence agencies.
ICZero-trust classified document access with multi-party reconstruction.
DoDCryptographic enforcement of need-to-know via threshold splitting.
InsiderXorIDA-split audit trails preventing insider log tampering.
AuditIntegration
import { ClassifiedVault } from '@private.me/classifiedsplit'; const vault = await ClassifiedVault.create({ classification: 'TS/SCI', compartments: [compA, compB, compC], threshold: { k: 2, n: 3 } });
Security Properties
| Property | Mechanism | Guarantee |
|---|---|---|
| Documents | XorIDA K-of-N split | ✓ Information-theoretic |
| Clearance | DID + xLock verify | ✓ Per-reconstruction check |
| Audit | XorIDA-split logs | ✓ Insider-tamper-proof |
| Authorization | Threshold K-of-N | ✓ Multi-party required |
Benchmarks
Performance characteristics measured on Node.js 22, Apple M2. xCleared enables classified document sharing with sub-10ms cryptographic overhead — network delivery dominates total latency.
| Operation | Time | Notes |
|---|---|---|
| XorIDA split 1 KB document | ~58µs | 2-of-2 threshold split over GF(2) |
| XorIDA split 10 KB document | ~0.5ms | Typical classified memo |
| XorIDA split 100 KB document | ~5ms | Report with embedded graphics |
| HMAC-SHA256 tag per share | <0.1ms | Integrity verification |
| Clearance level validation | <0.1ms | DID + clearance level lookup |
| xLink secure delivery | ~5ms | Split-channel V3 with PQ KEM |
| Reconstruct from shares | ~58µs–5ms | Size-dependent: HMAC verify + XOR |
| Audit log entry | <0.5ms | HMAC-chained access record |
Classified Sharing Architecture Comparison
| Property | SIPRNet | S/MIME | Cross-Domain Solution | xCleared |
|---|---|---|---|---|
| Network required | Dedicated classified network | Any network | Hardware appliance | Any network |
| Setup cost | $100K+ per site | PKI certificates | $500K+ appliance | npm install |
| Key management | NSA-managed | PKI hierarchy | HSM required | No keys (IT-secure) |
| Quantum resistance | NSA Suite A | RSA/ECC | Hardware-dependent | Information-theoretic |
| Audit capability | Classified logs | Email headers | Device logs | HMAC-chained + xProve |
Ship Proofs, Not Source
xCleared generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.
- Tier 1 HMAC (~0.7KB)
- Tier 2 Commit-Reveal (~0.5KB)
- Tier 3 IT-MAC (~0.3KB)
- Tier 4 KKW ZK (~0.4KB)
Use Cases
Honest Limitations
Five known limitations documented transparently. xCleared provides cryptographic infrastructure for classified sharing, not a replacement for accredited systems.
| Limitation | Impact | Mitigation |
|---|---|---|
| Not a certified Cross-Domain Solution | xCleared has not undergone NSA/NIAP evaluation for cross-domain data transfer. It cannot be used as the sole CDS for classified-to-unclassified transfers without additional accreditation. | xCleared is designed to operate within an existing security architecture, not replace it. The cryptographic layer adds defense-in-depth to accredited systems. Certification pursuit is planned. |
| Requires authenticated endpoints | Both sender and recipient must have xLink-authenticated DID identities. Anonymous or ad-hoc sharing is not supported. | DID-based identity is intentional — classified sharing requires strong authentication. xID provides identity infrastructure with ephemeral presentations for unlinkability. |
| No classification label enforcement | xCleared verifies clearance levels but does not enforce or propagate classification labels (UNCLASSIFIED, SECRET, TOP SECRET) at the document metadata level. | Classification labeling is a policy function handled by the document management system. xCleared provides the cryptographic transport layer; policy enforcement sits above it. |
| Offline recipient cannot receive | Recipients must be online to receive xLink-delivered shares. Classified documents cannot be pre-staged for offline recipients. | xStore can pre-stage encrypted shares for later retrieval. The recipient authenticates and retrieves shares when connectivity is available. TTL controls ensure time-bounded access. |
| US-centric compliance mapping | Current compliance documentation maps to US frameworks (NIST 800-53, FedRAMP, CMMC). International frameworks (NATO, EU, Five Eyes) require separate analysis. | The cryptographic properties (IT-secure, no keys, quantum-proof) are jurisdiction-agnostic. Compliance mapping for international frameworks is planned. The underlying technology works regardless of regulatory context. |
Cryptographic Proof of Correctness
This ACI's computations can be cryptographically verified by xProve — so regulators, auditors, and counterparties can confirm results without re-running the computation or accessing the underlying data.
Tier 2: Commit-and-reveal — anti-equivocation for Beaver triples.
Tier 3: IT-MACs — malicious-security detection between parties.
Tier 4: KKW zero-knowledge proofs — publicly verifiable, ~50 KB, post-quantum.
Read the xProve white paper →
Ready to deploy xCleared?
Talk to Ren, our AI sales engineer, or book a live demo with our team.
Deployment Options
SaaS Recommended
Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.
- Zero infrastructure setup
- Automatic updates
- 99.9% uptime SLA
- Enterprise SLA available
SDK Integration
Embed directly in your application. Runs in your codebase with full programmatic control.
npm install @private.me/xcleared- TypeScript/JavaScript SDK
- Full source access
- Enterprise support available
On-Premise Upon Request
Enterprise CLI for compliance, air-gap, or data residency requirements.
- Complete data sovereignty
- Air-gap capable deployment
- Custom SLA + dedicated support
- Professional services included
Enterprise On-Premise Deployment
While xCleared is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:
- Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
- Air-gapped environments — SCIF, classified networks, offline operations
- Data residency requirements — EU GDPR, China data laws, government mandates
- Custom integration needs — Embed in proprietary platforms, specialized workflows
Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.