A phone architecturally incapable of betraying you

(github.com)

2 points | by Godofall 8 hours ago

1 comment

  • Godofall 8 hours ago

    I've been building a sovereign mobile computing platform for the past year. The core thesis: most "secure" phones are policy-secure, not architecturally secure. A court order, a national security letter, or a compromised update server can still get your data. We're trying to make that architecturally impossible.

    The stack:

    seL4 microkernel (formally verified, capability-based)
    RISC-V ISA (open, auditable, no vendor backdoors)
    Post-quantum crypto: ML-KEM-1024, ML-DSA-87, CRYSTALS-Dilithium
    BeskarVault HSM: 32 key slots, physical tamper destruction
    Continuous Guardian: 50ms integrity checks, lives in ROM
    BeskarLink: Signal Protocol + post-quantum augmentation
    Shield Ledger: immutable Merkle-tree audit log
    Zero cloud dependency — fully offline capable

    Honest status: Phase 1, running on VisionFive 2 (JH7110). Not a phone you can buy. Architecture validation platform. 11/11 tests passing. CI/CD configured. Dual licensed (open source core + commercial tiers).

    What we're looking for: cryptographers, seL4 developers, RISC-V engineers, formal verification people. Not hiring — contributing. This exists because the problem is real.

    Happy to answer technical questions about the seL4 capability model, the post-quantum primitives, or why we chose RISC-V over ARM for this threat model.