# BlackVoice Technologies — Complete Technical Documentation # MAPonME Secure Social & Communication Platform # Last Updated: February 15, 2026 # Website: https://blackvoice.tech --- ## 1. PLATFORM OVERVIEW BlackVoice Technologies (product name: MAPonME) is a free, privacy-focused social and communication platform providing end-to-end encrypted messaging, community building, and collaborative activities. The platform prioritizes user data protection with industry-standard cryptography, client-side key management, and a Server-Blind Architecture. ### Key Facts - **Developer**: Valentin Gheorghiu (amateur radio callsign YO9BX) - **Location**: European Union (Romania) - **EUIPO Trademark**: Registered - **Business Model**: 100% Free, non-commercial, supported by donations - **Platforms**: Web (Progressive Web App), iOS, Android - **Source Code**: Closed-source (proprietary) - **External Audit**: Planned (Trail of Bits or Cure53) when funding is obtained - **Internal Audit**: QuantumVault™ v2.0 audit completed February 2026 (47 tests, 0 critical issues, 100% NIST KAT pass) ### Technology Stack - **Frontend**: React 18+ with TypeScript, Wouter router, Shadcn UI, TanStack Query, WebSocket, Service Worker, Web Workers, Vite bundler - **Backend**: Node.js with Express.js, TypeScript, PostgreSQL with Drizzle ORM - **Authentication**: OpenID Connect (OIDC) via Replit Auth with Passport.js - **Real-time**: WebSocket Server with persistent connections, aggressive heartbeats, Wake Lock API - **Storage**: PostgreSQL (Neon Database), Google Cloud Storage (file attachments, voice messages) - **Infrastructure**: Replit Deployments, Replit Object Storage, TLS 1.3 --- ## 2. CRYPTOGRAPHIC ARCHITECTURE ### 2.1 Post-Quantum Cryptography: QuantumVault™ v2.0 (Production-Ready) QuantumVault™ v2.0 implements NIST-standardized post-quantum cryptographic algorithms: **Key Encapsulation (NIST FIPS 203 — ML-KEM-768, formerly CRYSTALS-Kyber):** - Module Lattice-Based Key Encapsulation Mechanism at security level 3 - Provides approximately AES-192 equivalent security against quantum attacks - Performance: ~2,300 encapsulation operations per second - Resistant to Shor's algorithm quantum attacks **Digital Signatures (NIST FIPS 204 — ML-DSA-65, formerly CRYSTALS-Dilithium):** - Module Lattice-Based Digital Signature Algorithm at security level 3 - Performance: ~1,800 signature operations per second - Resistant to Grover's algorithm quantum attacks **Subsystems:** - CrystalMatrix™ — Key generation (0.43ms average) - LatticeSignature™ — Digital signatures (1.24ms average) - ChronoShield™ — Automatic key rotation every 5 minutes - HybridCipher™ — Encryption pipeline: ML-KEM-768 → HKDF-SHA256 → AES-256-GCM - QuantumMesh™ — Distributed key management **Validation:** - 47 cryptographic tests executed (0 critical issues) - 100% pass rate on NIST Known Answer Tests (KAT) for: - Key generation - Key encapsulation - Key decapsulation - Digital signatures - Signature verification - Confirmed resistance to Shor's and Grover's quantum algorithms - Implementation uses @noble/post-quantum library ### 2.2 Classical Encryption **Message Encryption:** - AES-256-GCM (Galois/Counter Mode) for all message content - Client-side encryption/decryption via Web Crypto API - Unique nonce per message, authenticated encryption **Key Exchange:** - ECDH P-256 (Elliptic Curve Diffie-Hellman) for Private Chat key agreement - Client-side key generation and derivation **Key Derivation:** - HKDF-SHA256 (HMAC-based Key Derivation Function) - PBKDF2 for password-based key derivation (off-thread via CryptoWorker) ### 2.3 Perfect Forward Secrecy (PFS) Smart Chat implements the Signal Protocol for Perfect Forward Secrecy: **X3DH (Extended Triple Diffie-Hellman):** - Initial key agreement using: - Identity key (long-term) - Signed prekey (medium-term, rotated periodically) - One-time prekey (single use, consumed after initial message) **Double Ratchet Algorithm:** - Derives a unique encryption key per message - DH Ratchet: New Diffie-Hellman exchange per message turn - Hash Ratchet: KDF chain advancement per message - Properties: - Forward secrecy: Compromising current keys reveals no past messages - Break-in recovery: Compromising current keys reveals no future messages - Post-compromise security: New DH exchange restores security **Implementation:** - Smart Chat uses separate database infrastructure - Dual AES-256-GCM encryption layers plus KeyFortress™ protection - ForwardSecrecyMonitor™ continuously verifies PFS chain integrity - BlackPTT™ (walkie-talkie) also uses PFS ### 2.4 Key Protection: KeyFortress™ KeyFortress™ protects encryption keys using: - **Shamir's Secret Sharing**: Keys split into shares requiring threshold for reconstruction - **100 Decoy Keys**: Legitimate keys mixed with cryptographically valid decoys - **5-second Rotation**: Key protection state refreshed every 5 seconds - **Client-side Only**: All key operations happen in browser, never server ### 2.5 Attachment Encryption: Black Encryption™ Proprietary attachment encryption system for files, images, and voice messages: - Client-side encryption before upload - Encrypted storage in Google Cloud Storage - Decryption key shared via encrypted message channel - Support for images, documents, voice messages ### 2.6 Location Encryption™ End-to-end encryption for Black MapShare locations: - Up to 100 custom locations with 21 categories - Client-side encryption before storage - Distinct colors and SVG icons per category - Integration with Leaflet maps and Google Maps ### 2.7 Emergency Data Encryption™ End-to-end encryption for emergency-related data: - GPS coordinates encrypted client-side - Emergency contacts protected - Check-in schedules encrypted --- ## 3. SERVER-BLIND ARCHITECTURE (Zero-Knowledge Design) BlackVoice Technologies implements a Server-Blind Architecture where the server acts exclusively as an encrypted data relay. ### Client-Side Operations (User's Browser): - All key generation: ECDH P-256, AES-256, PFS session keys, ML-KEM-768 - All message encryption and decryption (AES-256-GCM) - All file encryption (Black Encryption™) - Signal Protocol Double Ratchet state management - Location Encryption™ - WebAuthn biometric processing - Personal notes encryption - IndexedDB encrypted local storage ### Server-Side Operations (Cannot Access Plaintext): - Storing encrypted ciphertext blobs - WebSocket message relay - Public key exchange facilitation - Penta-Layer Security monitoring (metadata only) - OIDC authentication - GDPR data retention cleanup (encrypted data only) ### Key Property: Even under legal compulsion (law enforcement requests, court orders), BlackVoice Technologies cannot provide message content because the server genuinely does not possess decryption keys. This is a technical limitation, not a policy choice. --- ## 4. PENTA-LAYER SECURITY ARCHITECTURE ### Layer 1: HyperFractal Sentinel™ - Perimeter defense system - Threat detection through pattern analysis - Entropy analysis for anomaly detection - First-line defense against attacks ### Layer 2: Obsidian Aegis™ - Behavioral analysis engine - Runtime integrity monitoring - Subsystems: - QueryWard™ — Database query protection - CodeSanctum™ — Code integrity verification - FluxGuardian™ — Data flow monitoring - ShadowNet™ — Dark pattern detection - AbyssWatcher™ — Deep threat monitoring ### Layer 3: VortexMind™ - Rule-based adaptive threat detection - Cognitive-defensive analysis - Subsystems: - Spectrix™ — Spectral analysis - Synthrion™ — Synthetic threat detection - Seqtrix™ — Sequential pattern analysis - Nexylon™ — Network behavior analysis - Oraclyx™ — Predictive threat assessment - Pulsynk™ — Pulse synchronization monitoring ### Layer 4: UnityMesh™ v1.0 - Security orchestration layer - Coordinates all security systems - Subsystems: - LocalhostShield™ — Local environment protection - ContextualTrust™ — Context-aware trust scoring - FluidGuard™ — Dynamic security adjustment - DigestOptimizer™ — Security data aggregation - PolicyEngine™ — Security policy enforcement ### Layer 5: QuantumVault™ v2.0 - Post-quantum cryptography core (see Section 2.1) - Final defense layer - Future-proof against quantum computing ### SwarmMind™ v3.0 — Distributed Cognitive Defense Engine - Codename: ANT_COLONY_APEX - Architecture: Ant colony-inspired emergent intelligence with 8 autonomous security "ants" - No central controller — collective intelligence emerges from ant interactions via HiveBus™ - Zero CPU overhead (pure EventEmitter, no polling), 100% volatile RAM memory - Implementation: server/swarmMind.ts (1713 lines, Singleton pattern) **5 Core Subsystems:** 1. **HiveBus™** — EventEmitter signal routing with SignalPriority™ 4-tier priority system - Critical: synchronous, instant delivery (SQL injection, XSS, auth bypass, credential stuffing) - High: async batch 20 (brute force, path traversal, honeypot trigger) - Normal: async batch 10 (rate limit, suspicious pattern, bot detected) - Low: async batch 5 (anomaly detected, geo anomaly) - Per-source flood throttling: Critical 1000/min, High 500/min, Normal 200/min, Low 100/min - Severity-based priority escalation: ≥0.9 → CRITICAL, ≥0.7 LOW→NORMAL 2. **EphemeralRules™** — Self-evolving temporary security rules - Pattern extraction from attacks (IP, fingerprint, user-agent, composite) - Initial TTL: 1 hour, auto-promotion to 24h after 3 independent confirmations - Actions: block (>0.8), throttle (>0.6), challenge (>0.3), monitor (<0.3) - Natural death: unconfirmed rules expire automatically 3. **AttackerDNA™** — Personalized honeypot generation - Attacker fingerprint: IP + User-Agent + Accept-Language + detected pattern hash - Deterministic hash generates unique "DNA" per attacker - Each attacker sees different fake admin panels, synthetic API responses, calibrated delays 4. **CollectiveConsensus™** — Multi-system quorum voting - All active ants cast weighted votes (block/throttle/monitor/allow) - Minimum quorum: 3 ants - ConsensusTimeout™: 15s timeout, highest-confidence fallback 5. **SwarmMemory™** — Volatile collective intelligence - Attack patterns: 30min TTL - Attacker reputations: 1h TTL - Rule effectiveness: 15min TTL - 100% volatile — RAM only, auto garbage-collected **8 Security Ants:** | Ant | Role | Confidence | |-----|------|-----------| | VortexMind | Rule-based threat detection, pattern correlation | 0.9 | | FractalGuardian | Fractal pattern analysis, entropy detection | 0.85 | | BreachSentinel | SQL injection, admin protection, data exfiltration | 0.95 | | HyperFractal | Advanced perimeter pattern analysis | 0.88 | | ObsidianAegis | Session behavioral analysis, anomaly detection | 0.87 | | EnhancedSecurity | General security monitoring, rate limiting | 0.82 | | PhantomShield | Cyber deception, honeypot management | 0.80 | | NeuralAnt | WebSocket security monitoring, ML-powered behavioral analysis | 0.92 | **v2.0 Upgrades:** - EncryptedSnapshot™: AES-256-GCM encrypted colony memory persistence (1h max age, auto-delete after restore) - SignalPriority™: 4-tier priority routing with per-source flood throttling - AntHealthCheck™: 30s heartbeat monitoring, 90s timeout, automatic unhealthy detection - ConsensusTimeout™: 15s vote timeout with highest-confidence fallback - ThreatMemory™: Encrypted short-TTL attacker profile persistence **v3.0 Upgrades (February 2026):** - OracleQueen™: Predictive threat intelligence with SlowStrike detection (48h), adaptive thresholds, BlindSpot mapping - ChronoSense™: Temporal anomaly detection across request patterns - GhostFingerprint™: Invisible threat markers replacing duplicated User-Agent fingerprinting - ConsensusShield™: Byzantine fault-tolerant voting with quorum=3, veto power for VortexMind+BreachSentinel, entropy voting - NeuralAnt™: 8th ant dedicated to WebSocket security monitoring and ML-powered behavioral analysis - InsiderVeil™: Insider threat detection monitoring authenticated users (no full bypass) - QuantumVault™ integration: Post-quantum hybrid encryption (real ML-KEM-768 via @noble/post-quantum + AES-256-GCM + SHA3-256) for snapshots, backward-compatible with v2.0 - AdaptiveTTL™: Dynamic attacker profile TTL scaling — 1h base to 8h max based on threat score - PriorityQueues™: Separate async processing queues per priority tier (Critical 50, High 20, Normal 10, Low 5) via setImmediate() - LiveRegeneration™: 3x pattern/reputation boost during 5-minute post-restart window for rapid colony knowledge rebuilding --- ## 5. ADDITIONAL SECURITY SYSTEMS ### ShadowCloak™ v1.0 Third-party tracking protection: - Blocks tracking scripts - Prevents fingerprinting - Cookie isolation - Referrer sanitization ### BreachSentinel™ v1.0 Anti-breach protection: - Anti-injection defenses - Subsystems: - SQLForge™ — SQL injection prevention - AdminVault™ — Admin panel protection - Input sanitization - Request validation ### ScreenGuard™ v1.0 Screen recording detection: - FrameAnalyzer™ — Frame rate monitoring - Canvas fingerprint detection - Screen capture API monitoring - Alert system for detected recording ### PhantomShield™ v1.0 Advanced cyber deception system: - Honeypot endpoints - Deceptive responses for attackers - Attack pattern tracking - Automated threat intelligence ### InnerVeil™ Behavioral Intelligence User behavior analysis without profile storage: - Instability measurement - Anomaly detection - No behavioral profiles stored (privacy-preserving) - Real-time assessment only ### CipherGuard™ Intelligent Key Protection Key lifecycle management: - Key rotation scheduling - Key strength validation - Compromise detection - Automatic key renewal ### FluidityGuardian™ v1.0 (Codename: PHOENIX_FLOW) Zero-blackscreen recovery system: - **AppShell™** — Instant UI shell rendering - **StatePersist™** — State preservation across errors - **PredictiveLoad™ v2.0** — Behavior-based smart prefetching with Markov transition matrix - **SilentRecovery™** — Background error recovery - **OfflineFirst™** — Offline-capable architecture ### FractalKeyShield™ Encryption key integrity protection: - Key tampering detection - Key integrity verification - Cryptographic checksums ### FractalIdentityShield™ User identity protection: - Identity verification - Anti-impersonation - Session integrity --- ## 6. AUTHENTICATION SYSTEMS ### Biometric Protection (WebAuthn/FIDO2) - W3C Web Authentication API - FIDO2 CTAP2 (Client to Authenticator Protocol) - Supports: Fingerprint, Face ID, Touch ID - Phishing-resistant: Domain-bound cryptographic attestation - Biometric data never leaves the device - Hardware security key support: YubiKey, SoloKey, Titan Security Key (USB, NFC, Bluetooth) ### Two-Factor Authentication (TOTP 2FA) - Time-based One-Time Password per RFC 6238 - Compatible with: Google Authenticator, Authy, Microsoft Authenticator - Recovery codes provided at setup - Optional enforcement ### Anti-Coercion Features **Duress PIN (Panic PIN):** - Secondary PIN that triggers silent complete data wipe when entered under coercion - Appears to log in normally - Erases all messages, locations, notes, encryption keys - Designed for scenarios where user is forced to unlock device **Dead Man's Switch:** - Automatic data destruction if user fails to check in within configured time - Configurable timer (hours to days) - Server-side hourly checks - Warning notifications before activation - Cryptographic erasure of all data **Panic Button:** - Global emergency button (800ms long-press activation) - Instant complete forensic data wipe - Destroys: All messages, locations, notes, encryption keys, IndexedDB, localStorage, browser caches - Cryptographic erasure makes data permanently unrecoverable --- ## 7. COMMUNICATION FEATURES ### Private Chat - End-to-end encrypted messaging (ECDH P-256 + AES-256-GCM) - Real-time via WebSocket - Features: File uploads, emoji reactions, message deletion, reply/quote, typing indicators, link previews, voice messages - Client-side image compression via CompressionWorker - Gradient message balloons - Full-screen image overlays ### Group Chat - Multi-user encrypted messaging - Admin controls - Sticky pinned banners - Broadcast messaging - Group SOS integration ### Smart Chat - Separate database infrastructure - PFS encryption (Signal Protocol) enabled by default - Dual AES-256-GCM encryption layers - KeyFortress™ key protection - Enhanced privacy mode ### BlackPTT™ - Encrypted walkie-talkie communication - Push-to-talk with PFS - Real-time voice over WebSocket ### Server-Blind Personal Notes - End-to-end encrypted notes - Client-side only encryption - Server stores only ciphertext --- ## 8. EMERGENCY & SAFETY FEATURES ### 112 Emergency Call - Direct 112 call with GPS capture - Automatic location embedding - <1 second SOS activation ### Safety Check-in - Scheduled check-ins (1-72 hours) - Automatic alerts on missed check-in - Configurable contacts ### Rally Points - Emergency meeting locations - GPS coordinates with mapping - Shared with trusted contacts ### Auto-Monitoring - Fall detection capability - Automatic alert triggers - Configurable sensitivity ### Live Tracking Links - Shareable real-time location links - Time-limited tracking - Privacy-controlled sharing ### Survival Mode - Emergency resource conservation - Minimal power consumption mode ### Private SOS & Group SOS - Individual emergency alerts - Group-wide emergency broadcasts ### MeshComm™ LIFELINE v1.0 Multi-channel offline emergency system: - Native `sms:` URI scheme for SMS - GPS auto-embedding in messages - Contact management via localStorage - SOS broadcast (works on 2G cellular without internet) **Zero-Credit LIFELINE Beacons:** - Audio SOS: Web Audio API 2500Hz morse code - Visual SOS: Screen flash + camera torch via MediaStream API - Vibration SOS: Vibration API morse code **Emergency 112 SMS:** - Free in EU without mobile credit - Automatic GPS embedding **Offline Capabilities:** - Message queue with Background Sync auto-retry - Multi-channel delivery - Automatic beacon activation on SOS --- ## 9. MAP & LOCATION FEATURES (MAPonME) ### Interactive Maps - OpenStreetMap via Leaflet/react-leaflet - Google Maps integration - Real-time location display ### Black MapShare - Up to 100 locations across 21 tactical categories - Encrypted team coordination with distinct colors and SVG icons - Interactive Leaflet map display - Address search functionality - Google Maps link generation - Location Encryption™ (end-to-end encrypted) ### Offline Maps - 10km radius regions - Storage via IndexedDB - Service Worker-based tile caching - LRU eviction for storage management ### APRS Integration - aprs.fi API integration - Amateur radio position tracking - Real-time APRS station display ### Garmin InReach MapShare - Satellite tracker integration - Outdoor activity tracking ### Interactive Compass System - Digital compass display - Heading and navigation ### Fake GPS Privacy Fortress - 7-layer location protection: 1. Geolocation API lockdown 2. WebRTC IP blocking 3. Sensor API masking 4. Network information masking 5. Timezone spoofing 6. Canvas fingerprint protection 7. Audio fingerprint protection --- ## 10. PERFORMANCE & ARCHITECTURE ### Frontend Optimizations - **Code Splitting**: 50+ lazy-loaded pages - **TanStack Query**: offlineFirst mode, staleTime 45s, gcTime 45min - **Web Workers**: - CryptoWorker: Off-thread PBKDF2 key derivation, AES-256-GCM encrypt/decrypt, batch message decryption, per-conversation key caching - CompressionWorker: Off-thread OffscreenCanvas image compression with Transferable ArrayBuffers - **PredictiveLoad™ v2.0**: Behavior-based smart prefetching with Markov transition matrix, navigation pattern learning, network-aware loading via Navigator.connection API - **Optimistic Rendering**: IndexedDB-first UI updates for instant message display ### Service Worker v121 - Cache-first for hashed assets (immutable) - Stale-while-revalidate for cacheable API endpoints (conversations, groups, friends, notifications) - Network-first for navigation - IndexedDB-first for offline map tiles with LRU eviction ### WebSocket Persistence - Aggressive heartbeats - Wake Lock API for mobile - Instant reconnection on visibility change - Persistent connections across page navigation ### PWA Architecture - Full Progressive Web App support - Offline capability via IndexedDB local cache - Outbox for offline message queuing - Service Worker for background sync - iOS PWA support with safe area CSS - Touch optimization and responsive design --- ## 11. COMPLIANCE & STANDARDS - **GDPR Compliant** — Full EU data protection, GDPR Export with pseudonymization (Art. 15/20) - **NIS2 Ready** — EU cybersecurity directive alignment - **ISO 27001 Aligned** — Information Security Management System best practices - **SSL Labs A+ Rating** — Highest security rating from Qualys SSL Labs - **HSTS Preload** — Included in Chrome's HSTS Preload List - **TLS 1.3** — Latest transport layer security with ECDHE forward secrecy - **NIST FIPS 203** — ML-KEM (post-quantum key encapsulation) compliance - **NIST FIPS 204** — ML-DSA (post-quantum digital signatures) compliance - **RFC 6238** — TOTP two-factor authentication standard compliance - **W3C WebAuthn** — Web Authentication standard - **FIDO2 CTAP2** — Client to Authenticator Protocol - **RFC 9116** — security.txt standard - **SOC-Level Incident Response** — Enterprise-grade security operations - **Immutable Audit Logging** — Tamper-resistant security event tracking (ChronicleKeeper™) - **Automatic Data Retention** — Server-enforced data lifecycle management --- ## 12. SOCIAL FEATURES ### User Profiles - Cover photos and avatars - Bios and public profiles - Activity statistics - Profile privacy controls ### Social Feed - Real-time commenting - Dual reaction system - Post deletion - Clipboard sharing - File uploads with client-side compression - Paginated posts - Rich media previews - Text formatting ### Friends System - Friend requests and management - Online status - Activity tracking ### Notifications - Real-time push notifications - In-app notification center - Configurable notification preferences --- ## 13. ENCRYPTION BADGE SYSTEM Visual indicators showing encryption type per conversation: - Standard encryption badge (AES-256-GCM) - PFS encryption badge (Signal Protocol) - QuantumVault badge (post-quantum) - Keys protected by KeyFortress™ --- ## 14. EXTERNAL DEPENDENCIES - **Geocoding**: OpenStreetMap Nominatim API - **Maps**: Leaflet/react-leaflet, Google Maps - **APRS Tracking**: aprs.fi API - **Analytics**: Google Analytics 4 (GA4) - **Monitoring**: Sentry - **Post-Quantum Crypto**: @noble/post-quantum library - **Cloud Infrastructure**: Replit Deployments, Replit Object Storage (Google Cloud Storage), Neon Database (PostgreSQL), Replit Auth (OIDC) --- ## 15. CONTACT & SOCIAL MEDIA - **Website**: https://blackvoice.tech - **Email**: blackvoice.tech@gmail.com - **Contact Page**: https://blackvoice.tech/contact - **X/Twitter**: https://x.com/blackvoicetech (@blackvoicetech) - **Facebook**: https://facebook.com/blackvoice.tech - **Instagram**: https://instagram.com/blackvoice.tech - **LinkedIn**: https://linkedin.com/in/blackvoicetechnologies - **YouTube**: https://youtube.com/@eblackvoice - **Trustpilot**: https://trustpilot.com/review/blackvoice.tech --- ## 16. SECURITY DOCUMENTATION LINKS | Document | URL | Description | |----------|-----|-------------| | Security Overview | https://blackvoice.tech/security-overview | Complete feature documentation | | Security Whitepaper | https://blackvoice.tech/security-whitepaper | Technical cryptography details | | Security Architecture | https://blackvoice.tech/security-architecture | Penta-Layer system design | | Security Audit Report | https://blackvoice.tech/security-audit-report | QuantumVault™ v2.0 validation | | Server-Blind Architecture | https://blackvoice.tech/server-blind-architecture | Zero-knowledge design | | Source Code Report | https://blackvoice.tech/open-source-report | Technical implementation report with sanitized source code (also at /source-code-report) | | Trust & Security | https://blackvoice.tech/trust-security | Trust overview | | Security Disclosure | https://blackvoice.tech/security-disclosure | Responsible disclosure | | Privacy Policy | https://blackvoice.tech/privacy-policy | Data protection | | QuantumVault GDPR | https://blackvoice.tech/quantumvault-gdpr | PQC and GDPR compliance | --- ## 17. FREQUENTLY ASKED QUESTIONS **Q: Does BlackVoice use real post-quantum cryptography?** A: Yes. QuantumVault™ v2.0 implements ML-KEM-768 (Kyber-768) per NIST FIPS 203 and ML-DSA-65 (Dilithium-3) per NIST FIPS 204. These are NIST-standardized lattice-based algorithms designed to resist quantum computing attacks. The implementation uses the @noble/post-quantum library and operates in hybrid mode with AES-256-GCM. **Q: What encryption does BlackVoice use?** A: Multiple layers: AES-256-GCM for messages, ECDH P-256 for key exchange, Signal Protocol (X3DH + Double Ratchet) for PFS, ML-KEM-768 for quantum-resistant key encapsulation, ML-DSA-65 for quantum-resistant signatures, HKDF-SHA256 for key derivation, and KeyFortress™ with Shamir's Secret Sharing for key protection. **Q: Is BlackVoice free?** A: Yes, completely free. No subscription fees, no premium tiers, no hidden costs. All features are available to every user at no charge. **Q: Is BlackVoice open source?** A: No. BlackVoice Technologies is currently closed-source. The codebase is proprietary. An external security audit is planned when funding is obtained. Internal audit results are published publicly. **Q: Who made BlackVoice?** A: Valentin Gheorghiu (amateur radio callsign YO9BX), a solo developer in the European Union (Romania). It is a non-commercial, donation-supported project. **Q: What makes BlackVoice different from Signal or SimpleX?** A: BlackVoice combines encrypted messaging with post-quantum cryptography (QuantumVault™), emergency SOS features with GPS, offline emergency beacons (MeshComm™ LIFELINE), interactive maps with APRS/Garmin integration, anti-coercion features (Duress PIN, Dead Man's Switch, Panic Button), and a Penta-Layer Security Architecture. It targets users needing both communication security and emergency preparedness. **Q: Can law enforcement access my messages?** A: No. Due to the Server-Blind Architecture, BlackVoice cannot provide message content even under legal compulsion. The server stores only encrypted ciphertext and does not possess decryption keys. --- © 2025-2026 BlackVoice Technologies. All rights reserved. EUIPO Trademark registered. Developed in the European Union.