3.1 Zero-Knowledge Local-First Architecture
SecretMemoryLocker is engineered on the principle of Total Data Sovereignty. Unlike cloud-based password managers, our protocol ensures that the cryptographic boundary never extends beyond the user’s local RAM.
The Stateless Model: The architecture follows a "Pure Function" paradigm. The system does not possess a persistent identity or a master database to exploit.
- Memory-Only Existence: All sensitive parameters exist exclusively in volatile memory. There is no "data at rest" except for the final encrypted payload.
- Isolation by Design: By eliminating traditional local databases, we remove the entire attack surface associated with SQL injections, unauthorized file access, or third-party storage exploits.
3.2 Asymmetric Resilience: Human vs. Machine
The protocol is designed to exploit the natural asymmetry between human cognitive recall and silicon-based brute force.
- Hardware Hardening (Argon2id): We utilize Argon2id to enforce memory-hard constraints. This forces an attacker to dedicate massive physical RAM resources for every single guess, neutralizing the cost-advantage of GPU and ASIC clusters.
- Authenticated Integrity (AEAD): Using ChaCha20-Poly1305, the protocol ensures Authenticated Encryption. Any attempt to tamper with the encrypted data without the correct key results in an immediate authentication failure before any data is processed.
3.3 The Semantic Normalization Layer
To bridge the gap between rigid cryptography and the fluid nature of human memory, the protocol includes a Semantic Normalization Layer. This prevents "Input Fragility" where minor typos could lead to permanent data loss.
The layer applies a deterministic transformation: Stripping Whitespace → Case Unification → Unicode NFKD Normalization.
Example: "New York " and "new york" normalize to the same string and therefore produce the exact same key-derivation input, ensuring reliability without sacrificing security.
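The transformation described above, as an added Python example (not SecretMemoryLocker's own code). It assumes that "stripping whitespace" means leading and trailing whitespace only, that case unification is Unicode case folding, and that H is SHA-256 over UTF-8 bytes; the function names and sample inputs are constructed for illustration.

```python
import hashlib
import unicodedata


def normalize_answer(raw: str) -> str:
    """Apply the three steps in the order the text gives them."""
    stripped = raw.strip()        # 1. strip whitespace (assumed: leading/trailing only)
    folded = stripped.casefold()  # 2. case unification (assumed: Unicode case folding)
    return unicodedata.normalize("NFKD", folded)  # 3. Unicode NFKD normalization


def answer_digest(raw: str) -> str:
    """H(answer): SHA-256 of the normalized answer's UTF-8 bytes (assumed hash)."""
    return hashlib.sha256(normalize_answer(raw).encode("utf-8")).hexdigest()


def same_key_material(a: str, b: str) -> bool:
    """True when two typed answers feed identical bytes into key derivation."""
    return answer_digest(a) == answer_digest(b)


# Constructed sample inputs: (first answer, second answer, what the pair shows)
CASES = [
    ("New York ", "new york", "trailing space and case"),
    # Full-width letters with an ideographic space, as an East Asian IME may emit.
    ("\uff2e\uff45\uff57\u3000\uff39\uff4f\uff52\uff4b", "new york", "compatibility forms"),
    # Precomposed e-acute versus 'e' followed by a combining acute accent.
    ("Caf\u00e9", "cafe\u0301", "composed vs decomposed"),
    # NFKD separates the accent but keeps it, so a dropped diacritic still differs.
    ("caf\u00e9", "cafe", "missing diacritic"),
    # The layer does not absorb spelling mistakes.
    ("new york", "new yrok", "transposed letters"),
]


def run_cases():
    """Return (description, collides) for every constructed pair."""
    return [(desc, same_key_material(a, b)) for a, b, desc in CASES]


if __name__ == "__main__":
    for desc, collides in run_cases():
        print(f"{desc:26} -> {'same digest' if collides else 'different digest'}")
```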
3.4 Entropy Stacking & Fusion Logic
The Master Key is not a single secret, but a Fusion of cognitive and physical entropy sources. This process, known as Entropy Stacking, ensures that even a compromised "memory" is insufficient to break the vault without the physical anchor.
K_master = Argon2id( H(Memories) ⊕ H(Physical_Anchor), Salt, T, M, P )
The symbol ⊕ represents the cryptographic fusion of distinct entropy domains.
Security Margin:
- Cognitive Entropy: A 5-answer sequence typically yields ~160–200 bits of entropy.
- Physical Entropy: The file-hash salt adds another 256 bits of uniqueness.
- Result: The combined key strength significantly exceeds the 256-bit requirement for post-quantum resistance in symmetric encryption.
3.5 "Phantom-Step" Protocol (Blind State Transition)
The "Phantom-Step" is a theoretical breakthrough in sequential decryption. It ensures that the system remains "blind" to the depth of the security chain.
- Recursive Decryption: Prompt N+1 is encrypted using the hash of Answer N. The application literally does not "know" what the next question is until the current one is solved.
- State Isolation: This prevents forensic memory tools from mapping the entire security sequence. Only the current step is ever visible in memory.
- Non-Linear Failure: Any deviation in the chain causes the cryptographic path to diverge exponentially, leading to a "Dead End" where the final payload remains indistinguishable from random noise.