Secure Legion
SECURE
Version 3

Complete Architecture v3

Fully decentralized messaging and identity system with the innovative Ping-Pong Wake Handshake

Private by DesignServerlessBlockchain IntegratedCold Storage Identity

1Overview

Secure Legion is a fully decentralized messaging and identity system that combines a blockchain-based directory, hardware-encrypted wallets, a serverless wake-and-alarm communication system, and the innovative Ping-Pong Wake Handshake to deliver encrypted messages only when both devices are online. This architecture guarantees zero metadata exposure and no dependency on centralized servers.

2Ping-Pong Wake Handshake

The Ping-Pong Wake System is Secure Legion's signature innovation. It ensures reliable, private, and serverless message delivery. Unlike conventional systems that depend on permanent relays, this design coordinates delivery only when both peers are awake and authenticated.

Flow Diagram

Sender Device
Receiver Device
(1). Encrypt message, store in local queue
Ping Token
(3). Receiver wakes, authenticates user
Sender Pong acknowledgment (authenticated)
(5). Sender releases queued message securely
(6). Receiver decrypts and confirms delivery

Key Security Benefits

  • Messages never leave sender's device until receiver confirms readiness
  • No permanent relay or third-party storage required
  • All Ping and Pong tokens are encrypted and nonce-protected to prevent replay attacks
  • Local queues are AES-GCM encrypted with keys derived from the user's wake key
  • AlarmManager periodically re-arms Ping cycles until Pong is received

3Message Download Flow (Wake → Fetch → Decrypt)

1
Wake Receipt: Device receives encrypted wake via socket, alarm, or UnifiedPush
2
Authenticate User: App unlocks hardware key after biometric/PIN verification
3
Secure Fetch: Connects through Tor/WebSocket, retrieves ciphertext only
4
Decrypt: Hardware key unwraps DEK, decrypts in RAM, displays local notification
5
Auto-Wipe: DEK erased; message removed after viewing or timeout

4Duress PIN & Distress Wipe

  • Entering duress PIN wipes private keys, session data, and message caches
  • Broadcasts signed revocation across peers to purge queued messages
  • Easy-to-guess PINs (e.g., 123456) can be configured as automatic duress triggers
  • App resets to onboarding state post-wipe, offering recovery from seed phrase

5Blockchain Directory (Solana + IPFS)

Each user publishes an encrypted contact card pointer to the blockchain. The contact card is encrypted with a passcode-derived key and stored on IPFS. Handles are hashed client-side with Argon2id to prevent scraping or brute-forcing. Registration costs are negligible (~0.00006–0.00007 SOL per entry).

6Cold Storage Wallet Integration

  • Hardware Storage: Keys stored in StrongBox/Secure Enclave, used for identity and message signing
  • No Hot Storage: Wallet operates in read-only mode unless unlocked
  • Multiple Identities: Supports multiple burner identities; rotation possible per chat session

7Cross-Chain Bridge

A lightweight bridge mirrors Solana directory entries to BNB/Ethereum. It uses cryptographic proofs to link ed25519 and secp256k1 identities, allowing users from other chains to locate and message each other.

8Security Overview

FeatureMethodPurpose
EncryptionXChaCha20 + Ed25519 SignaturesProtects data at all layers
Wake PrivacyOpaque Ping/Pong tokensPrevents metadata exposure
Offline ResilienceAlarmManager + Queue ReconnectGuarantees message delivery
Identity StorageCold wallet hardware keyUnforgeable and offline
Cross-chain ProofDual-curve signature mappingVerifiable multi-chain identity

9Summary

Secure Legion v3 unites blockchain-based discovery, cold storage identities, a serverless wake/alarm engine, and the Ping-Pong Wake System for the world's first decentralized, metadata-free messaging protocol. Every component — from Solana directory lookups to local wake pings — is encrypted, ephemeral, and verifiable.

Full Architecture Document

Download the complete technical architecture specification

Download Architecture PDF