add translate

2026-02-08 21:39:16 -08:00
parent 8db5a96230
commit ed84f6ad90
12 changed files with 483 additions and 56 deletions


@@ -2,12 +2,42 @@
Welcome to the Sentinel Protocol official documentation repository. Welcome to the Sentinel Protocol official documentation repository.
## 🇺🇸 English Documents
### Product Documentation
- [Product Whitepaper](./en/product/README.md)
### Technical Documentation
- [Technical Whitepaper](./en/technical/architecture.md)
- [Technical Glossary](./en/technical/glossary.md)
- [System Architecture Diagram](./en/technical/arch.md)
### Flow Diagrams
- [Application Encryption Interaction](./en/flow/app_encryption_interaction.md)
- [Asset Inheritance Flow](./en/flow/asset_inheritance_flow.md)
- [User Interaction and Privacy Archiving Flowchart](./en/flow/user_interaction_and_privacy_archiving_flowchart.md)
### Other
- [FAQ](./en/QA.md)
## 🇨🇳 中文文档 (Chinese) ## 🇨🇳 中文文档 (Chinese)
### 产品文档
- [产品白皮书](./zh-CN/product/README.md) - [产品白皮书](./zh-CN/product/README.md)
### 技术文档
- [技术白皮书](./zh-CN/technical/architecture.md) - [技术白皮书](./zh-CN/technical/architecture.md)
- [技术术语表](./zh-CN/technical/glossary.md) - [技术术语表](./zh-CN/technical/glossary.md)
- [系统架构图](./zh-CN/technical/arch.md) - [系统架构图](./zh-CN/technical/arch.md)
## 🇺🇸 English Documents ### 流程图
- [Product Whitepaper](./en/product/V2.0.md) - [应用加密交互](./zh-CN/flow/应用加密交互.md)
- [Technical Whitepaper](./en/technical/V2.0.md) - [资产继承流程](./zh-CN/flow/资产继承流程.md)
- [用户交互与隐私归档流程图](./zh-CN/flow/用户交互与隐私归档流程图%20.md)
### 其他
- [问答中心](./zh-CN/QA.md)
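
Review bot: The last Chinese flow link, `./zh-CN/flow/用户交互与隐私归档流程图%20.md`, encodes a space directly before `.md`, so the target file name ends in a trailing space. Rename the file without the space and update the link; names like this are easy to break on checkout or rename. The English flow links in this same hunk use ASCII snake_case file names, which is the safer pattern to follow.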

61
en/QA.md Normal file

@@ -0,0 +1,61 @@
# Sentinel Protocol FAQ
---
### Q1: If the Sentinel Protocol company goes bankrupt, can I still recover my data and legacy?
**A: Yes.** Sentinel Protocol was designed with "non-dependency" in mind:
* **Data Persistence**: Your core data is stored in decentralized storage networks like Arweave/Filecoin, so physical persistence does not rely on our central servers.
* **Self-Rescue Kit**: The decryption tool code is completely open source. Even if the company disappears, as long as you hold the complete mnemonic or shards (S0/S1/S2), you can independently extract data using open-source tools.
* **DAO Takeover**: Smart contracts automatically monitor company activity. Once an "incapacitated state" is triggered, protocol control is automatically transferred to a Decentralized Autonomous Organization (DAO).
---
### Q2: How to prevent the heir (holding S2) and the platform (holding S1) from colluding to steal my assets?
**A: Technical isolation makes collusion impossible.**
Before your status is determined as "Released", the distributed nodes storing S1 shards are in a **logically locked state**. Any node will reject any collision request until it detects a "Proof of Status" on the blockchain (a legitimate release signal signed by the smart contract). Even if the heir holds the S2 credential, without the system-generated release instruction, the ciphertext content cannot be reverse-engineered.
---
### Q3: If I am just temporarily in a coma or working in a signal-free area (like the high seas), will the system misjudge me as deceased?
**A: No.** We have designed a **Double-Lock Mechanism**.
* **Freeze Period**: You can preset a freeze period of 180-365 days. When the heartbeat signal is interrupted, the system first enters a "Pending" state.
* **One-Click Abort**: During the long freeze period, as long as you come back online or your emergency contact intervenes, the release process will be immediately aborted and reset.
* **Sleep Mode**: If you plan to go on a long offline expedition, you can directly turn on "Sleep Mode" to pause monitoring.
---
### Q4: My financial situation is unstable recently, can I temporarily stop the subscription?
**A: Yes.** You can turn on "Pause/Sleep Mode" at any time.
* **Physical Persistence**: During the pause, although active services like AI monitoring will stop, your data remains physically sealed in the storage network and will not be deleted.
* **Wake Up Anytime**: You only need to pay a small amount of storage maintenance fees in the future to restore active status with one click.
* **Extreme Extraction**: Even if an extreme situation occurs during the pause, the heir can still settle the outstanding fees and extract assets according to the protocol.
---
### Q5: When AI sorts data, will it pry into my privacy (such as passwords, will content)?
**A: Absolutely not.**
* **Local Encryption**: Data is high-strength encrypted before leaving your device.
* **Shadow Proxy Technology**: AI only processes metadata within the **TEE (Trusted Execution Environment)** hardware. AI is only responsible for indexing and suggesting archiving; it does not have the key permissions to decrypt ciphertext and cannot read file content.
---
### Q6: Is Sentinel Protocol legally effective? Can the heir use the exported key to confirm rights?
**A: Yes.**
* **Legal Pre-statement**: When you set the S2 recipient, the system generates a digitally signed "Notification Letter", clarifying that this act constitutes a legal "gift/inheritance" authorization.
* **Notarization Linkage**: For L2 level users, we provide full-process legal notarization support.
* **Multi-dimensional Evidence**: The extraction process is recorded by the blockchain, ensuring the authenticity of the inheritance act and avoiding legal disputes.
---
### Q7: Why is the persistence period for L0 users only 10 years?
**A: This is to ensure the robustness of the financial model.**
10 years is a financial break-even point designed to cover the initial storage costs of the decentralized network and the hedging fees of the protocol reserve pool. After expiration, the data enters an "overdue retention state", and the heir only needs to make up for the minimal storage gap for the overdue period to complete the extraction. This design ensures that the protocol remains resilient over decades.
---
### Q8: If I lose all my mnemonic phrases, can you help me recover them?
**A: Sorry, we cannot do that.**
Sentinel Protocol adheres to the **non-custodial** principle. If you lose all shards and have not backed up the original mnemonic, since the platform does not possess your full set of private keys, no one can forcibly open your vault. This is both a guarantee of sovereignty and the final boundary of security.
---
**Sentinel Protocol: Protecting your digital assets until sovereignty is awakened once more.**
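
Review bot: Q2's answer, "Technical isolation makes collusion impossible", claims more than the mechanism it describes. The only barrier stated is that the nodes holding S1 "reject any collision request" until a Proof of Status appears on chain, and that is a rule the S1 holders enforce on themselves, which is the party the question asks about. Suggest stating what stops node operators from releasing S1 early, or naming it as the remaining trust assumption, and replacing "collision request" with the intended term (collusion or reconstruction request). Q5's "Absolutely not" needs the same care: the interaction flowchart in this commit forwards desensitized user input to an external LLM, so the answer should describe that path rather than only TEE processing of metadata.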


@@ -0,0 +1,32 @@
```mermaid
graph TD
Start[Generate/Import Mnemonic] --> Show[UI: 12-word Mnemonic Display]
Show --> Backup[Prompt Physical Backup/Write Down]
subgraph Action_Phase [Initialization Phase]
Backup --> Email[Click: Email Backup]
Email --> SendEmail[Invoke System Email: Send Mnemonic or Encrypted Version]
Backup --> Process[Click: Backup Complete/Next]
end
Process --> Core[Core Calculation Logic]
subgraph Logic_Layer [Logic Layer]
Core --> Key[Derive Master Seed]
Key --> SSS[SSS 3/2 Split]
Key --> S0[Write S0 to TEE/SE]
SSS --> S1[Transmit S1 to Cloud Node]
SSS --> S2[S2 Processing Interface]
end
S2 --> S2_Action{Process S2 Immediately?}
S2_Action -->|Yes| S2_Send[Send to Designated Executor/Download]
S2_Action -->|No| S2_Skip[Skip, Destroy S2 & Mnemonic in Memory]
subgraph Future_S2 [Late S2 Processing]
S2_Skip --> S2_Late[Late Click: Configure Heir]
S2_Late --> Re_Auth{Permission Check}
Re_Auth -->|Option A: Re-enter| Input[Require User to Re-enter Mnemonic]
Re_Auth -->|Option B: Reset| Reset[Regenerate Completely, Re-encrypt All Data]
end
```
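
Review bot: In the Initialization Phase, `SendEmail[Invoke System Email: Send Mnemonic or Encrypted Version]` allows the mnemonic itself to be mailed, which leaves the root secret in mail provider storage and sent folders and undercuts the TEE/SE handling shown further down. Suggest limiting this branch to the encrypted version and stating which key protects it. Also, `Key --> S0[Write S0 to TEE/SE]` draws S0 from the seed node rather than from `SSS[SSS 3/2 Split]`, which produces S1 and S2; if S0 is a share, the edge should start at `SSS`.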


@@ -0,0 +1,44 @@
```mermaid
graph TD
%% Phase 1: Initialization
subgraph Initialization [1. Initialization Phase]
A[Mnemonic Phrase] -->|PBKDF2/Scrypt| B[Master Seed]
B -->|SSS 3/2 Split| S0[Shard S0: Mobile Held]
B -->|SSS 3/2 Split| S1[Shard S1: Distributed Custody]
B -->|SSS 3/2 Split| S2[Shard S2: Offline Credential, Inheritance]
end
%% Phase 2: Storage & Distribution
subgraph Storage [2. Storage & Distribution]
S0 -->|Persist| TEE[Mobile Secure Chip TEE/SE]
S1 -->|VSS Resharding - Anti-Collusion| Cloud[Distributed Cloud Nodes]
S2 -->|Delivery/Backup| Heir[Heir/Lawyer/Vault]
end
%% Phase 3: Active State
subgraph Active_State [3. User Active State (Alive)]
User((User)) -->|Biometrics| TEE
TEE -->|S0| Auth{TEE/SE Computation}
DATA{Data to Process} -->|S0| Auth
Auth --> Action[Processing Result]
end
%% Phase 4: Inheritance Logic
subgraph Inheritance_Logic [4. Inheritance Trigger Logic]
Signal{Heartbeat Signal Interrupted?} -->|Yes| Pending[Enter Pending Freeze Period]
Pending -->|Timeout & No Intervention| Contract[Smart Contract Triggers Released]
Contract -->|Unlock Signal| Cloud
end
%% Phase 5: Recovery
subgraph Recovery [5. Asset Recovery]
Heir -->|Holds S2| Recovery_Auth{Combine & Restore}
Cloud -->|Unfreeze & Release S1| Recovery_Auth
Recovery_Auth -->|S1 + S2| B2[Reconstruct Master Seed]
B2 --> Success[Asset/Data Inheritance Success]
end
%% Styling
style A fill:#f9f,stroke:#333,stroke-width:2px
style B fill:#fff,stroke:#333,stroke
```
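
Review bot: The Initialization and Storage subgraphs label S0 as "Mobile Held" and persist it in `TEE[Mobile Secure Chip TEE/SE]`, but the technical whitepaper added in this same commit defines S0 as a redundancy shard saved offline by the user and places the Master Key K in the TEE. Pick one role for S0 and use it in both documents, because the recovery story differs depending on whether S0 is lost with the phone. The `PBKDF2/Scrypt` edge should also name which KDF is used and its parameters, and the final `style B fill:#fff,stroke:#333,stroke` line as shown ends in a bare `stroke` with no value.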


@@ -0,0 +1,54 @@
```mermaid
graph TD
subgraph AI_LLM
GEMINI
end
subgraph AI_Server_Proxy
Prompts[Prompt Template API]
LLM_REQ[AI Request Proxy API]
LLM_RESP[AI Response Proxy API]
LLM_REQ --> LLM_P[Wrap Prompt]
LLM_P --> GEMINI
GEMINI --> LLM_RESP
end
%% Phase 1: AI Interaction
subgraph AI_Interaction [1. AI Interaction & Local Logs]
A[Mobile Periodic Check or Push]
B(Mobile AI Assistant)
RESULT(Mobile Display Result)
A --> Prompts
Prompts --> |Template Desc & ID| B
B -->|User Input| C{Privacy Proxy}
C -->|Desensitize| LLM_REQ
LLM_RESP -->|Return| RESULT
C -->|Local Save| E[(Interaction Records Local DB)]
RESULT --> E
end
%% Phase 2: Archiving Decision
subgraph Decision_Phase [2. Summary & Backup Trigger]
E -->|AI Local Summary| F[Asset/Info Identification]
F -->|Ask User| G{Confirm Backup?}
G -->|No| H[Local Retention Only]
end
%% Phase 3: Sentinel Dual Encryption
subgraph Secure_Vault [3. Sentinel Dual Encryption]
G -->|Yes: Authorize| I[TEE Invokes Key]
I <-->|Inner Layer Enc/Dec| J[User Ciphertext Data_Enc_D0]
J -->|Upload| K[Sentinel Server]
K -->|Download| J
K -->|Server PubKey/Outer Layer Enc/Dec| L[Final Ciphertext Enc_Data_Final]
L <-->|Distributed Storage| M[(Arweave / Filecoin)]
M <-->|Record Hash| N[Smart Contract Lock/Proof]
end
%% Styling
style I fill:#f96,stroke:#333
style K fill:#bbf,stroke:#333
style M fill:#9f9,stroke:#333
```
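
Review bot: In Secure_Vault, `K -->|Server PubKey/Outer Layer Enc/Dec| L` makes reading `Enc_Data_Final` depend on a server-held private key, yet the diagram shows neither where that key is kept nor how it is released if the server is gone, which the FAQ's self-rescue answer (Q1) depends on. Add the key's custody and release path, or show that the outer layer is not needed for recovery. For `C -->|Local Save| E`, say whether the saved interaction records are the raw or the desensitized input and whether the local DB is encrypted. Note too that this English diagram uses bidirectional `<-->` edges and an extra `K -->|Download| J` edge that the Chinese diagram removed later in this commit does not have, so it is more than a translation.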


@@ -1,53 +0,0 @@
```mermaid
graph TD
subgraph AI_LLM
GEMINI
end
subgraph AI_Server_Proxy
Prompts[Prompt 模板API]
LLM_REQ[AI请求代理 API]
LLM_RESP[AI返回代理 API]
LLM_REQ --> LLM_P[包装提示词]
LLM_P --> GEMINI
GEMINI --> LLM_RESP
end
%% 第一阶段AI 普惠层
subgraph AI_Interaction [1. AI 交互与本地日志]
A[手机端定期检查或者推送]
B(手机端 AI 小助手)
RESULT(手机端展示结果)
A --> Prompts
Prompts --> |模板描述和模板ID| B
B -->|用户输入| C{隐私代理}
C -->|脱敏| LLM_REQ
LLM_RESP -->|回传| RESULT
C -->|本地保存| E[(交互记录 Local DB)]
RESULT --> E
end
%% 第二阶段:智能归档决策
subgraph Decision_Phase [2. 总结与备份触发]
E -->|AI 本地总结| F[资产/信息识别]
F -->|询问用户| G{确认备份?}
G -->|No| H[仅本地留存]
end
%% 第三阶段:哨兵双重加密存储
subgraph Secure_Vault [3. 哨兵双重加密流程]
G -->|Yes: 授权| I[TEE 调用密钥]
I -->|内层加密| J[用户密文 Data_Enc_D0]
J -->|上传| K[Sentinel 服务器]
K -->|服务器公钥/外层加密| L[最终密文 Enc_Data_Final]
L -->|分布式存储| M[(Arweave / Filecoin)]
M -->|记录 Hash| N[智能合约锁死/存证]
end
%% 样式
style I fill:#f96,stroke:#333
style K fill:#bbf,stroke:#333
style M fill:#9f9,stroke:#333
```


@@ -0,0 +1,106 @@
# Sentinel Protocol Whitepaper
> **——A Digital Life Perpetual Storage and Intelligent Succession Protocol Based on AI and Blockchain**
## Table of Contents
- [1. Project Background and Core Pain Points](#1-project-background-and-core-pain-points)
- [2. Core Technology: Persistent Storage and Fragmented Sovereignty](#2-core-technology-persistent-storage-and-fragmented-sovereignty)
- [3. Passive Verification and State Machine: Multi-dimensional Service Boundaries](#3-passive-verification-and-state-machine-multi-dimensional-service-boundaries)
- [4. Perpetual Governance: Community Co-governance and Failover](#4-perpetual-governance-community-co-governance-and-failover)
- [5. AI Application Layer: Intelligent Butler](#5-ai-application-layer-intelligent-butler)
- [6. Developer Ecosystem: Open API](#6-developer-ecosystem-open-api)
- [7. Economic Model: Differentiated Tiering and Reserve Pool](#7-economic-model-differentiated-tiering-and-reserve-pool)
- [8. Conclusion](#8-conclusion)
---
## 1. Project Background and Core Pain Points
* **1.1 Digital Assets "Permanently Locked"**: Due to private keys being lost upon the holder's death, decentralized assets face irreversible loss.
* **1.2 Internet Data "Ten-Year Disappearance Law"**: Commercial company bankruptcies result in 38% of links becoming invalid within 10 years, posing a threat to users' digital memories.
* **1.3 Meaning Obscurity and Information Overload**: Massive redundant data prevents users from extracting truly valuable successor assets from fragmented information.
* **1.4 High-Risk Professions "Sudden Rupture"**: Workers in hazardous industries (miners, sailors) face insurmountable barriers to asset access in zero-warning, zero-network situations.
---
## 2. Core Technology: Persistent Storage and Fragmented Sovereignty
### 2.1 Fragmented Key Management and Absolute User Sovereignty (SSS 3/2)
* **User Sovereign State (Combination A)**: Users gain complete control of the full mnemonic entropy upon initialization, with complete control over S0, S1, and S2. At any time during their lifetime, users maintain **100% sovereign autonomy**.
> **Sovereignty Definition**: This means you need no one's permission to complete daily operations. Whether transferring assets or reading files, the system completes verification through biometric authentication in the background, giving you absolute control and seamless user experience.
* **S1 and S2 Anti-Collusion Mechanism**:
* **Logic Isolation**: Before determination logic is triggered, S1 distributed nodes remain locked, rejecting any collision requests.
* **Smart Contract Witness Release**: S1 can only be unfrozen after the smart contract detects the system entering "Released" status, completely preventing collusion between custodians and successors.
* **Succession Extraction State (Combination B)**: Once the status determination is established, S1 automatically unfreezes, allowing successors to retrieve assets using S2.
### 2.2 S1 Decentralized Distribution and Multi-layer Storage Guarantees
* **Heterogeneous Redundant Backup**: Synchronously connected to Arweave (permanent storage), Filecoin (incentivized storage), and heterogeneous encrypted nodes across multiple jurisdictions.
* **VSS Distributed Custody**: S1 shards are further fragmented using **Verifiable Secret Sharing (VSS)** and distributed across decentralized networks, eliminating the risk of single-server failures.
### 2.3 AI-Driven "Data Funnel" and Automated Archiving
* **Intelligent Sorting**: AI identifies high-value information during daily interactions and automatically suggests users to structure and archive critical elements (accounts, insurance policies, testamentary intentions) with "one-click installation."
---
## 3. Passive Verification and State Machine: Multi-dimensional Service Boundaries
### 3.1 Pending Status Double-Lock Mechanism
* **Misidentification Grace Period**: If the system triggers Pending (disconnection signal), users can preset a **180-365 day freeze period**. During this time, the system prohibits releasing any data, protecting users in long-term coma or special circumstances from having their sovereignty compromised.
* **Composite Verification**: Combines low-sensitivity privacy monitoring (step count, heart rate, interaction frequency) with manual verification by emergency contacts.
### 3.2 Released Status and Automated Delivery
* **Shadow Proxy (AI Proxy)**: Runs within **TEE (Trusted Execution Environment)**, the AI generates a structured *Digital Asset Succession Guide* and proactively pushes it to designated successors.
### 3.3 Subscription Suspension and Recovery Mechanism
* **Sleep Mode** : Users can actively trigger "Pause Subscription".
* **Service Silence**: Upon entering this state, the system stops active heartbeat monitoring and AI asset sorting.
* **Physical Persistence**: Thanks to the multi-layer storage system (Arweave/Filecoin), core encrypted data remains physically sealed in the underlying network, unaffected by subscription status.
* **Wake-up Logic**: Users can verify their identity (S0/mnemonic) at any time, pay outstanding maintenance fees, and restore to "Active" status with one click.
* **Extreme Extraction During Sleep Mode**: If a user passes away while in sleep mode, successors holding S2 can still initiate extraction requests. The system guides successors to settle outstanding fees before entering the release process.
---
## 4. Perpetual Governance: Community Co-governance and Failover
* **4.1 Digital Trust Foundation**: An independent legal entity managing storage funds and shard security.
* **4.2 Smart Failover**: Blockchain smart contracts continuously monitor commercial entity activity. Should anomalies exceed thresholds (e.g., lost heartbeat), system control automatically transfers to the **Decentralized Autonomous Organization (DAO)** to take over, ensuring service never stops.
---
## 5. AI Application Layer: Intelligent Butler
* **5.1 Shadow Gateway**: AI assists with daily tasks without accessing core encryption, protecting privacy boundaries.
* **5.2 Advanced Prompt Engineering Encapsulation and Scenario-based Assistants**:
* **Skill Capsules**: Complex prompt engineering is encapsulated into ready-to-use functional modules. Users don't need to learn AI commands; simply select scenarios like "Asset Inventory," "Family Letter Writing," or "Legal Consultation," and the system automatically loads deeply optimized Chain-of-Thought (CoT) logic in the background, guiding users to efficiently complete information organization.
* **AI Assistant Matrix**: Built-in specialized assistants such as "Asset Detective" (helping recall hidden assets) and "Emotional Support Runner" (reducing anxiety about end-of-life planning), lowering user adoption barriers and psychological burden through heuristic dialogue.
---
## 6. Developer Ecosystem: Open API
* **Open Vault API**: Supports third-party applications (wallets, password managers, etc.) integration, shared protocol and resources, and shared revenue distribution.
---
## 7. Economic Model: Differentiated Tiering and Reserve Pool
### 7.1 Service Tier System
| Tier | Duration | Extraction Fee | Legal Service Capability | Value-Added Features |
| :--- | :--- | :--- | :--- | :--- |
| **Standard (L0)** | 10 years | Outstanding fees + Service fee | Basic Notarization + Custom Consultation | Prepayable extraction fees, optional offline key |
| **Premium (L1)** | 20 years | Free extraction service fee | E-signature + Custom Consultation | High data quota, frictionless succession experience |
| **Eternal (L2)** | 100+ years | Free extraction service fee | Full-process Public Notarization + Custom Consultation | Bank-grade key custody, regular cold backup |
### 7.2 Financial Soundness: Protocol Reserve Pool
* **Cross-subsidy Logic**: Extract 10% from high-premium revenue of L1/L2 tiers into the reserve pool.
* **Risk Hedging**: Reserve pool hedges against future storage cost fluctuations and serves as a default insurance fund for L0-tier users' storage defaults, ensuring physical data security for all users.
### 7.3 Offline Services and Customized Consultation
* **Offline Cold Wallet Key Service**: Available to all users. L2 users additionally enjoy offline storage environments with bank-grade security monitoring.
* **Comprehensive Legal Services**: All tier users can schedule consultations with partner law firms for legal certification of critical documents and custom consultation.
### 7.4 Storage Overage Fees
* **User Quota Overage Charges**: Each tier has a certain quota; additional fees apply for overages.
---
## 8. Conclusion
Sentinel Protocol establishes a new paradigm for digital asset succession centered on "user sovereignty." By eliminating risks through **S1 distributed custody** and **anti-collusion protocol**, protecting incapacitated sovereignty through the **double-lock mechanism**, and achieving long-term economic sustainability through the **protocol reserve pool**, it provides a trustworthy, perpetual, and legally compliant safe harbor for humanity's digital assets.
---
**Sentinel Protocol: Protecting your digital assets until sovereignty is awakened once more.**
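
Review bot: Section 2.1 uses "SSS 3/2" without defining it and then says the user has "complete control over S0, S1, and S2", while the next bullets say S1 sits on distributed nodes that stay locked until the contract reports Released. State the threshold in words (how many of the three shares reconstruct the secret) and reconcile who can actually obtain S1 during the user's lifetime. "Completely preventing collusion" should be scoped to the assumption it rests on, and "collision requests" looks like the same wording slip as in the FAQ. In 1.2 the 38% figure needs a source, and in 3.1 heart rate is listed as "low-sensitivity" monitoring although it is health data.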


56
en/technical/arch.md Normal file

@@ -0,0 +1,56 @@
```mermaid
graph TD
%% Define styles
classDef layer stroke-width:2px,stroke-dasharray: 5 5;
classDef hardware fill:#f96,stroke:#333,stroke-width:2px;
classDef storage fill:#bbf,stroke:#333,stroke-width:2px;
classDef contract fill:#dfd,stroke:#333,stroke-width:2px;
subgraph User_Side [AI Accessibility Layer & Hardware Sovereignty Layer]
A[User Interaction / AI Assistant] --> B[Privacy Proxy]
B -- Local Filtering / De-identification --> C[AI Vendor Server]
B -- Identify Valuable Assets --> D{Biometric Authorization}
D -- Authorization Passed --> E[[TEE Hardware Environment]]
subgraph TEE [TEE Internal Execution]
E --> F[Master Key K]
F --> G[Inner Hardware Encryption]
end
end
subgraph API_Layer [Third-Party API Integration Layer]
H[Mode A: Standalone Sovereignty]
I[Mode B: Collaborative SDK]
I -.-> D
end
subgraph Sentinel_Storage [Sentinel Vault Layer]
G --> J[Server Cluster Outer Encryption]
J --> K[S1 Recursive Fragmentation]
subgraph Distributed_Nodes [Distributed Storage Nodes]
K --> L1[Node A: Sub-shard S1a]
K --> L2[Node B: Sub-shard S1b]
K --> Ln[Node N: Sub-shard S1n]
end
L1 & L2 & Ln --> M[(Arweave Permanent Storage Network)]
end
subgraph Survival_Mechanism [Survival Guarantee Layer]
N[Legal Trust Fund] -- Fee Payment Guarantee --> M
O[Smart Contract Dead Man Switch] -- Heartbeat Monitoring --> J
O -- Trigger Open-Source Takeover --> P[Release Node Private Keys & Ciphertext Index]
P --> Q[Open-Source Self-Recovery Tool]
subgraph Recovery [Reconstruction Path]
Q --> R{Reconstruct Master Key K}
S0[Redundancy Shard S0] --> R
S2[Heir Shard S2] --> R
L1 & L2 & Ln -- Contract-Triggered Release --> R
end
R --> T[Decrypt Original Data Assets]
end
%% Apply layer hierarchy styles
class E,F,G hardware;
class M,L1,L2,Ln storage;
class O contract;
```
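
Review bot: `O -- Trigger Open-Source Takeover --> P[Release Node Private Keys & Ciphertext Index]` releases the keys that protect the S1 sub-shards, and the diagram does not say to whom. If that release is public, S1 stops being a secret for every account at once, so with two shares sufficient each user is then protected by S0 or S2 alone, including users who are still active. Show who receives the released keys and how the per-user Released check is preserved after takeover. The Recovery subgraph should also label how many of S0, S2 and the S1 sub-shards `R` requires, since all three arrows currently read as mandatory inputs.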


@@ -0,0 +1,85 @@
# Sentinel Protocol (哨兵协议) Technical Whitepaper
## **1. Abstract**
Sentinel Protocol proposes a digital asset protection framework based on "sovereignty origin + recursive fragmentation." By reducing adoption barriers through **AI privacy proxy**, locking sovereignty execution root through **TEE hardware**, and combining **multi-level SSS algorithms** to enable perpetual asset succession. The core innovation lies in the dual-track guarantee of **smart contract dead man switch** and **statutory trust storage mechanism**, ensuring that after a commercial entity ceases service, the open-source community can take over access rights, and encrypted data remains physically preserved and decryptable over long historical periods.
---
## **2. Core Architecture: Four-Layer Defense System**
### **2.1 AI Accessibility Layer**
* **Functional Assistant**: Encapsulates advanced prompts into preset plugins, providing natural language interaction entry points.
* **Privacy Proxy**:
* **Local Interception**: Executes sensitive keyword filtering on the client side, ensuring private key fragments or personally identifiable information **never** leave the local environment.
* **De-identified Forwarding**: Relay proxy removes metadata such as IP addresses and device IDs, allowing third-party AI vendors to receive only anonymized pure instructions.
* **Local Semantic Summary**: Client-side AI locally summarizes assets, only prompting users to enter hardening process when valuable targets are discovered.
### **2.2 Hardware Sovereignty Layer**
* **Master Key (K)**: Derived from mnemonic phrases, locked within the phone's **TEE (Trusted Execution Environment)**. We don't trust software systems, only mathematics locked in chip architectures.
* **Inner Hardening**: Data completes the first-layer hardware-level inner encryption using $K$ before leaving the device.
### **2.3 Sentinel Vault Layer**
* **Outer Hardening**: Server clusters perform secondary public key encryption on ciphertext to defend against transmission risks.
* **Perpetual Storage**: Double-encrypted ciphertext is custodied on decentralized permanent networks such as Arweave.
### **2.4 Third-Party API Integration Layer**
* **Mode A: Standalone Sovereignty**: Third-party applications work with **independent mnemonics**. Sentinel Protocol serves solely as storage medium and algorithm suite, with completely isolated logic.
* **Mode B: Collaborative SDK**: Third-party applications integrate **Sentinel encryption SDK**. After user biometric authorization, collaborative sharing of master authorization data breaks down data silos.
---
## **3. Role Definitions and Key Derivation System**
The system follows strict derivation logic from "mathematical meta-seed" to "physical shards":
* **Mnemonic**: System's **root seed**, the sole mathematical origin of all keys.
* **Master Key (K)**: Locked within TEE chip, serving as the daily sovereignty execution root.
* **S0 (Redundancy)**: Redundancy backup shard. Saved offline by users (physical printout/USB drive) as final recourse.
* **S1 (Cloud)**: Distributed recursive shard, custodied by cloud nodes.
* **S2 (Heir)**: Heir shard. Distributed by user to designated estate handlers.
---
## **4. S1 Distributed Recursive Fragmentation (Multi-Server Fragmentation)**
To completely eliminate centralized node data breach and collusion risks, $S_1$ adopts a "divide and conquer" strategy:
### **4.1 Secondary Fragmentation Logic**
After the mobile device generates $S_1$, instead of uploading it directly, it is fragmented again through the SSS algorithm into $n$ sub-shards ($n \ge 2$): $\{S_{1a}, S_{1b} \dots S_{1n}\}$.
### **4.2 Node Encryption and Storage**
* **Independent Encryption**: Each sub-shard is encrypted using the independent public key of its corresponding storage node.
* **Distributed Storage**: Sub-shards are distributed to multiple geographically isolated and logically independent sentinel server nodes.
* **Security Characteristics**: No single server possesses complete $S_1$. Hackers breaching a single database only obtain "fragments of fragments."
---
## **5. Business Logic Workflow**
### **5.1 Data Ingestion Flow**
1. **Identification and Confirmation**: Local AI discovers information, obtaining user biometric authorization.
2. **Double Encryption**: TEE invokes $K$ to complete inner hardening $\rightarrow$ Server executes outer hardening.
3. **Recursive Distribution**: $S_1$ is fragmented into multiple sub-shards, then encrypted and sent to different geographic nodes.
### **5.2 Succession and Recovery Flow**
1. **Status Determination**: Smart contract detects incapacity signal.
2. **Shard Aggregation**: Multiple nodes verify contract instructions, decrypt and release their respective sub-shards.
3. **Multi-level Reconstruction**:
* **First-level Reconstruction**: Sub-shards reconstruct the original cloud shard $S_1$.
* **Second-level Reconstruction**: $S_1$ combined with heir-held $S_2$ (or redundancy shard $S_0$) synthesizes Master Key (K).
4. **Asset Decryption**: Using $K$ to peel off inner encryption and retrieve original assets.
---
## **6. Survival Guarantee and Security Summary**
### **6.1 Survival Guarantee (The Great Survival Protocol)**
* **Statutory Trust and Renewal**: Dedicated trust fund independent from commercial entities, ensuring physical validity of storage fees over long historical periods.
* **Dead Man Switch**: Once the commercial entity becomes incapacitated, smart contracts automatically release ciphertext indexes and node private keys, with open-source community taking over access.
* **Open-Source Self-Rescue**: Users can leverage open-source tools, combined with mnemonic phrases or $S_2/S_0$, to locally restore $K$; even if official services disappear, data can be recovered.
### **6.2 Security Highlights**
* **Anti-Database Breach (Anti-DB Leak)**: Cloud-side $S_1$ exists in fragmented state; single-point compromise is meaningless.
* **Privacy Sovereignty**: Privacy Proxy physically isolates AI-side profiling risks.
* **Uniqueness and Robustness**: $K$ locked in TEE, and system can reconstruct data even when some nodes go offline.
---
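
Review bot: Section 4.1 splits $S_1$ into $n$ sub-shards with $n \ge 2$ but never gives the reconstruction threshold, while 6.2 promises recovery "even when some nodes go offline". Those two statements only agree if the threshold is below $n$, and with $n = 2$ there is no such setting that also keeps a single node from holding all of $S_1$. State the sub-shard threshold and a minimum $n$ that supports both claims. This section also calls the second split SSS where the product whitepaper calls it VSS, and 2.1's "never leave the local environment" is stronger than client-side keyword filtering can guarantee.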


@@ -0,0 +1,12 @@
## **Appendix: Glossary**
| Term | Common Definition | Role in This Protocol |
| :--- | :--- | :--- |
| **TEE (Trusted Execution Environment)** | An "independent safe deposit box" in the phone's chip. | Stores the master key $K$, preventing key theft even if the phone is compromised. |
| **SSS (Secret Sharing Scheme)** | Like the ancient "tiger's order," torn into fragments separately, assembled into authority. | Fragments the master key into $S_0, S_1, S_2$, enabling disaster recovery and backup. |
| **Mnemonic** | The system's "meta-seed," the most important words in life. | The highest permission root for recovering all assets. |
| **Privacy Proxy** | Your "digital double," speaking to AI on your behalf. | Intercepts local sensitive information, removes IP/device ID, preventing identity leakage. |
| **Arweave** | A "permanent and unchangeable" digital monument. | Permanently custodies encrypted ciphertext, solving the problem of data loss after traditional cloud storage bankruptcy. |
| **Recursive Sharding** | Like feeding shredded paper through the shredder one more time. | Ensures that even if storage nodes are compromised, attackers cannot obtain the complete cloud shard $S_1$. |
| **Dead Man Switch** | If I stop checking in, the protocol executes automatically. | Monitors commercial entity status; if bankrupt, transfers decryption rights to the community. |
| **Legal Trust** | A data "maintenance fund" protected by law. | Ensures storage fees remain continuously paid, preventing fee discontinuation due to company bankruptcy. |
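
Review bot: The SSS row says the master key is fragmented into $S_0, S_1, S_2$ but omits the threshold, which is the property readers need from a glossary entry on secret sharing; add how many shares reconstruct the key. The glossary also has no entry for VSS, which the product whitepaper uses for S1 custody, and the flow diagrams split a "Master Seed" where this table splits the "master key", so one term should be chosen. The TEE row's "preventing key theft even if the phone is compromised" should be narrowed to what the TEE actually isolates, and "tiger's order" reads as a mistranslation of the tally metaphor.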