TRUST CENTER

Security & Architecture Whitepaper

A technical breakdown of BarZero's Zero-Trust, Zero-Knowledge data pipeline.

Traditional SaaS architectures require you to trust the vendor. By uploading data to a centralized database, you are relying on their firewall, their employees, and their access policies. At BarZero, we assume the server is always hostile. We do not want your trust; we provide cryptographic guarantees instead.

Zero Knowledge

All persistent data is encrypted client-side using WebCrypto AES-256-GCM. We hold zero plaintext keys.

Zero Retention

Active processing happens in ephemeral memory. Containers are wiped completely after every single API request.

1. The Ephemeral Relay Architecture

When you run a contract analysis or legal research query, the text never touches a database. Here is the exact lifecycle of a request:

  1. Client AES Encryption: Your browser generates an ephemeral symmetric key and encrypts the payload.
  2. Transmission: The ciphertext is sent over TLS 1.3 to our edge network.
  3. Container Spin-up: A micro-VM (Virtual Machine) is spawned exclusively for your request.
  4. In-Memory Decryption & Relay: The payload is decrypted strictly in RAM, passed to Anthropic's Claude API over a private backbone, and processed with a zero-retention policy.
  5. Container Destruction: The instant the response is streamed back to your browser, the micro-VM is hard-killed. RAM is zeroed out. Nothing is written to disk.

2. Browser-Local IndexedDB

To provide a seamless experience where your recent matters and chats are available when you return, we utilize your browser's native IndexedDB. This means your data physically resides on your SSD, not in an AWS RDS instance under our control.

3. End-to-End Encrypted (E2EE) Sync

If you enable Cloud Sync to access your matters across different devices, we utilize an E2EE protocol.

  • A Device Identity Key is generated via window.crypto.subtle.
  • Your entire local IndexedDB is serialized and encrypted using AES-256-GCM.
  • We simply sync the unreadable ciphertext blob to our backend. We cannot search, index, or retrieve any plaintext from it.
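
The client-side encryption step listed above, written out as an added example (this is not BarZero's code): a serialized store is sealed with AES-256-GCM through the WebCrypto API, and a modified blob or a different key fails authentication on decrypt. The function names, the JSON serialization, the `IV || ciphertext+tag` blob layout, the associated-data label and the use of a non-extractable key from `generateKey` are assumptions, since the page does not specify them.

```javascript
// Added example; names and blob layout are assumptions, not the vendor's code.
// Browsers expose crypto globally; the fallback covers older Node versions.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const AAD = new TextEncoder().encode("sync-snapshot-v1"); // constructed context label

// Non-extractable: scripts can use the key but cannot export its raw bytes.
async function newSyncKey() {
  return wc.subtle.generateKey({ name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Serialize the records and seal them. Assumed layout: 12-byte IV || ciphertext+tag.
async function sealSnapshot(key, records) {
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh IV for every blob
  const plaintext = new TextEncoder().encode(JSON.stringify(records));
  const ct = await wc.subtle.encrypt({ name: "AES-GCM", iv, additionalData: AAD }, key, plaintext);
  const blob = new Uint8Array(iv.length + ct.byteLength);
  blob.set(iv, 0);
  blob.set(new Uint8Array(ct), iv.length);
  return blob; // the only thing a sync backend would receive
}

// Returns the records; throws if the blob was modified or the key is wrong.
async function openSnapshot(key, blob) {
  const iv = blob.slice(0, 12);
  const pt = await wc.subtle.decrypt({ name: "AES-GCM", iv, additionalData: AAD }, key, blob.slice(12));
  return JSON.parse(new TextDecoder().decode(pt));
}

// True when decryption rejects the blob (GCM tag verification failed).
async function isRejected(key, blob) {
  try { await openSnapshot(key, blob); return false; } catch { return true; }
}

// Constructed sample records standing in for a serialized IndexedDB store.
const SAMPLE = [{ id: 1, matter: "Example v. Sample", note: "constructed test data" }];

async function demo() {
  const key = await newSyncKey();
  const blob = await sealSnapshot(key, SAMPLE);
  const tampered = blob.slice();
  tampered[tampered.length - 1] ^= 0x01; // flip one bit in the auth tag
  return {
    roundTrip: JSON.stringify(await openSnapshot(key, blob)) === JSON.stringify(SAMPLE),
    tamperRejected: await isRejected(key, tampered),
    wrongKeyRejected: await isRejected(await newSyncKey(), blob),
    keyExtractable: key.extractable,
  };
}
```
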

4. Destruction Attestations

To help attorneys comply with strict ethical obligations regarding unauthorized disclosure of client information (e.g., ABA Formal Opinion 512), every processing session generates a cryptographic SHA-256 Destruction Attestation Certificate. This guarantees a non-repudiable log proving that the specific session's memory boundary was destroyed.