1KQ
My ProfileDr. XPersonaStart InterviewSign in

Security · v0.6.0 · MVP launch

What we can and cannot read about you.

1KQ asks you the questions that map who you are. The answers are sensitive by design. This page is the contract for how we hold them — every claim links to the source file in our public repo.

The short version

With Privacy Mode on, your questionnaire answers, your Dr. X conversations, your persona chats, and your self-reported profile are encrypted in your browser under a key only you hold. The server stores ciphertext and metadata. We can prove a session existed; we cannot read what was said.

We don't run live voice. Audio never leaves your device — your browser does the speech-to-text locally, and the resulting text joins the same encrypted path as typed input.

Our agent fleet (memory extractor, summarizer, hive curator) is blocked from reading Privacy Mode data unless you grant a time-bounded scope. Without a grant, it silently skips.

The artifacts that back the claim

The complete data classification — every column in our database, mapped to OPERATOR_READABLE or USER_ONLY.

docs/DATA_CLASSIFICATION.md

A typed projection of the same classification, plus a per-feature page in the app.

/account/data-visibility (live)

The build manifest pinning every byte of client-side crypto code shipped in this build.

/build-manifest.json (live)

The full client-crypto inventory — every file allowed to perform crypto in your browser.

src/lib/crypto/inventory.ts

Master key lifecycle — how your passphrase, recovery mnemonic, and passkey-PRF wrap the master key.

docs/KEY_LIFECYCLE.md

Agent-fleet trust bridge — the contract for letting Enhanced Mode agents read your data.

docs/AGENT_FLEET_ENCLAVE.md

Browser-direct AI proxy contract — what the server is allowed to broker and what it isn't.

docs/BROWSER_DIRECT_AI.md

ZDR (zero-data-retention) contract status with each upstream model provider.

docs/ZDR_CONTRACTS.md

Live voice retirement — why we stopped streaming audio to vendors and what replaces it.

docs/RETIRE_LIVE_VOICE.md

Launch claims map — every public statement on this page traced to a file, test, or migration.

docs/LAUNCH_CLAIMS.md

Third-party audit readiness checklist — the scope statement we hand to a security firm.

docs/AUDIT_READINESS.md

What an attacker gets from a full database dump

After Phases A–H ship (every URL above is one of those phases), an attacker who exfiltrates our entire production Postgres database and its backups gets:

  • Account identifiers (email, OAuth provider IDs)
  • MFA configuration (which factors are enrolled)
  • Session bookkeeping
  • The numeric personality vector for each user
  • Engagement counts
  • The audit log
  • Encrypted blobs they cannot decrypt without each user's key

They do not get:

  • Any answer to any question
  • Any Dr. X conversation
  • Any memory fact
  • Any persona conversation
  • Any voice transcript

The honest gaps

We refuse to ship security theatre. These are the parts of the system where the claim is weaker than we want it to be, with the explicit roadmap to close each one.

  • The agent-fleet bridge runs in our app process. Today, when a Privacy Mode user grants a scope, the agent decrypts and processes inside our Node runtime. The grant contract, audit log, and TTL ceiling are real. The hardware attestation is not — it ships in the post-MVP TEE rollout described in docs/AGENT_FLEET_ENCLAVE.md §3.
  • Memory facts and rolling summaries written under a grant are operator-readable until you crypto-shred. The bridge gates the write; it does not yet wrap the resulting row. The crypto-shred endpoint (DELETE /api/account/data, MFA-gated) renders every wrap of your master key permanently opaque, which closes the gap on demand.
  • Hive curation + preference inference scopes are declared but not yet wired. They appear in the schema and the UI; the runtime gates land in the next PR following Phase H.
  • The third-party audit has not happened yet. We have written the scope statement and the readiness checklist; engagement starts after launch. Until then, every claim on this page is verifiable by reading the source — which is the entire point of this page.

Reach us

Found a bug, a leaky claim, or a cryptographic concern? Open an issue at github.com/andytrench/1KQ/issues or email security@1kq.app (PGP key linked in the readme).