PRIVATE.ME PLATFORM

xDose: Pharmaceutical Formula Protection

XorIDA splits proprietary drug formulas across independent R&D sites. No single site holds a reconstructable formula. Every share HMAC-signed for tamper detection.

Healthcare / Pharma COMING SOON XorIDA Powered

Section 01

The Problem

Proprietary drug formulas stored at single R&D sites are targets for industrial espionage. A single insider threat can leak a billion-dollar formula.

Pharmaceutical companies spend an average of $2.6 billion developing a single new drug. The complete formula -- active ingredients, excipients, ratios, manufacturing process parameters -- represents the core intellectual property. A single breach, insider threat, or state-sponsored espionage operation can expose this entire investment.

Traditional security relies on access control and encryption with a single key. If the key is compromised, the formula is exposed. If a privileged insider copies the data, no amount of perimeter security can prevent the leak. The formula needs protection that does not depend on any single trust point.

The Old Way

Section 02

The PRIVATE.ME Solution

XorIDA splits formula data across independent R&D sites. No single site holds a reconstructable formula. Reconstruction requires threshold cooperation between independently governed facilities.

Each formula is split into N shares distributed across physically separate, independently administered R&D sites. Reconstruction requires K shares from K different sites, ensuring that no single site director, IT administrator, or insider can reconstruct the formula without authorized cooperation from other sites.

Every share is HMAC-signed for tamper detection. Any modification to a share -- even a single bit flip -- is detected before reconstruction proceeds. The system creates an immutable audit trail of every access attempt.

The New Way

Section 02B

Fast Onboarding: 3 Acceleration Levels

Traditional prescription management systems require manual DEA registration, pharmacy network configuration, and custodian coordination. xDose collapses this to 15 seconds with zero-click accept, 90 seconds with one-line CLI, and 10 minutes with deploy buttons.

Level 1: Zero-Click Accept

15 seconds — Auto-accept invite from env var. No manual DID setup, no custodian coordination.

Pharmacy CLI

# .env file
XDOSE_INVITE_CODE=XDOSE-abc123

# Auto-accept on first use
npx @private.me/xdose issue \
  --prescriber-dea AS1234563 \
  --patient-id patient-456 \
  --drug "Oxycodone HCl 5mg" \
  --schedule II \
  --quantity 30 \
  --refills 0

# ✅ Invite auto-accepted
# ✅ Ready to issue prescriptions

Level 2: One-Line CLI

90 seconds — Generates pharmacy DID, saves to .env, ready for first prescription.

CLI

# Install and initialize
npx @private.me/xdose init

# Output:
# ✅ Pharmacy DID generated
# ✅ Saved to .env
# ✅ DEA/state board custodians registered
# Ready to issue prescriptions

Level 3: Deploy Button

10 minutes — One-click Vercel/Netlify/Railway deployment for compliance server + share distribution.

Deploy Button

# Click one button:
Vercel Deploy Button
Netlify Deploy Button

# Provisions:
# ✅ DEA compliance validation server
# ✅ Pharmacy share storage (encrypted)
# ✅ Diversion reporting dashboard
# ✅ Fill tracking + audit trail

Why this matters

Traditional systems require weeks of DEA paperwork, pharmacy network contracts, and IT coordination. xDose onboarding completes in 15 seconds via auto-accept invite. Pharmacy DID auto-generated, custodians pre-registered, ready to issue prescriptions immediately. Zero manual configuration.

Integration Examples

All three speed tiers use the same API. Choose based on your deployment needs:

Node.js/TypeScript (Zero-Click)

import { PrescriptionManager } from '@private.me/xdose';

// Auto-accept invite from env var (XDOSE_INVITE_CODE)
const manager = new PrescriptionManager();

// Issue first prescription (auto-initializes)
const result = await manager.issuePrescription({
  prescription: {
    prescriberId: 'dr-smith-123',
    prescriberDeaNumber: 'AS1234563',
    prescriberNpi: '1234567890',
    patientId: 'patient-456',
    drugName: 'Oxycodone HCl 5mg',
    schedule: 'II',
    quantity: 30,
    refills: 0,
  },
  threshold: 2,
  totalShares: 3,
  custodians: [pharmacy, dea, stateBoard],
});

// ✅ Prescription split (2-of-3)
// ✅ Shares distributed to custodians
// ✅ Ready to fill at pharmacy

15s

Zero-click setup

90s

CLI initialization

10min

Deploy button

2-of-3

Default threshold

Section 03

How It Works

A secure pipeline ensures formula data never exists in reconstructable form outside the authorized manufacturing or research environment.

Key Security Properties

Insider-proof: No single employee, administrator, or site director can reconstruct the formula alone. Tamper-evident: Per-share HMAC detects any modification attempt. Audit trail: Every reconstruction attempt is logged with full provenance.

Section 04

Use Cases

💊

Drug Development

Drug Formula Custody

Split proprietary drug formulations across independent R&D sites so no single site compromise can expose the complete formula. Threshold-based access for authorized researchers.

IP Protection

🏭

Manufacturing

Manufacturing Site Distribution

Distribute manufacturing process parameters across production facilities. Each facility holds only the shares needed for its stage, never the complete formula.

Supply Chain

🔬

Contract Research

Contract Research Protection

Share formula data with CROs (Contract Research Organizations) without exposing the complete formulation. CROs receive only the shares needed for their specific analysis.

Outsourced R&D

🛡

Supply Chain

Supply Chain Security

Protect active pharmaceutical ingredient (API) specifications as they move through the supply chain. Each node holds only threshold shares, preventing counterfeiting.

Anti-Counterfeit

Section 05

Integration

Quick Start

import { protectFormula, reconstructFormula } from '@private.me/pharmasplit';

// Split formula across 3 R&D sites (2-of-3 threshold)
const shares = await protectFormula(formulaBuffer, {
  sites: ['boston', 'basel', 'tokyo'],
  n: 3,
  k: 2
});

// Reconstruct with cooperation from any 2 sites
const formula = await reconstructFormula(
  [shares[0], shares[1]]
);

protectFormula(formula: Buffer, sites: string[], config: { n: number, k: number }): Promise<FormulaShare[]>

Splits proprietary formula data into N shares distributed across specified R&D sites with K-of-N threshold reconstruction. Each share is HMAC-signed and tagged with site metadata. Access control validation enforced before every operation.

Section 06

Security Properties

Property	Mechanism	Guarantee
Insider Protection	K-of-N threshold across independent sites	No single insider can reconstruct the formula
Tamper Detection	Per-share HMAC-SHA256	Any modification detected before reconstruction
Audit Trail	Immutable access logging	Every reconstruction attempt fully traceable
Quantum Resistance	Information-theoretic security (GF(2))	No computational assumption to break
Site Independence	Separate administrative domains	No single governance structure controls all shares

<1ms

Typical payload

K-of-N

Configurable threshold

0 bytes

Exposed per insider

GF(2)

Quantum-proof algebra

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xDose?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xDose generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xdose
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xDose is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →