Privacy Architecture

Invariant is designed as a Zero-Knowledge-Inspired Infrastructure. We verify hardware-backed execution, not user identity.

1. Structural Privacy

We do not rely on "policies" to protect user data; we rely on cryptographic constraints. Our architecture is decoupled: the Attestation Engine verifies hardware integrity without ever requesting access to user identity layers (PII).

2. Data Ingress (The Signal)

The Protocol processes strictly non-identifiable metadata required to validate the Trusted Execution Environment (TEE):

X.509 Attestation Chain

The key attestation certificate chain that Android Keystore issues for a hardware-backed key; it is used to verify the hardware root of trust.

Ephemeral Public Keys

A P-256 public key generated inside hardware-backed secure execution (TEE / Secure Element). This key is mathematically unrelated to the user's identity.

Cryptographic Heartbeats

Signed timestamps proving device uptime. These contain no location or behavioral data.
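The heartbeat described above, as an added example that is not Invariant SDK code: a device signs a minimal payload (key id, send time, counter) and a verifier checks the schema, the signature, freshness and counter monotonicity. The field names, the 120-second skew window and the key material are assumptions. The production signature would be ECDSA P-256 produced inside the TEE and checked against the attested public key; to stay standard-library-only this example uses HMAC-SHA256 as a stand-in for that signature, so what it demonstrates is the verifier's structure, not the curve arithmetic.

```python
"""Cryptographic heartbeat: build and verify a signed uptime timestamp.

Added example, not Invariant SDK code. Assumptions (constructed):
- a heartbeat carries only key_id, sent_at and counter plus a signature over
  the canonical JSON encoding of those three fields; any other field is rejected
- HMAC-SHA256 stands in for the hardware ECDSA P-256 signature
"""
import hashlib
import hmac
import json

ALLOWED_FIELDS = {"key_id", "sent_at", "counter"}
MAX_SKEW_SECONDS = 120  # assumed freshness window


def canonical(payload: dict) -> bytes:
    # Deterministic encoding so signer and verifier MAC identical bytes.
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_heartbeat(key: bytes, key_id: str, counter: int, sent_at: int) -> dict:
    """Device side: sign only the minimal payload (no location, no behaviour)."""
    payload = {"key_id": key_id, "sent_at": sent_at, "counter": counter}
    sig = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
    return {**payload, "sig": sig}


class HeartbeatVerifier:
    """Server side: accepts a heartbeat only if schema, signature, freshness and counter all check out."""

    def __init__(self, keys: dict):
        self.keys = keys  # key_id -> verification key (the attested public key in practice)
        self.last_counter = {}  # key_id -> highest counter accepted so far

    def verify(self, hb: dict, now: int) -> tuple:
        # 1. Strict schema: extra fields mean extra data, so they are refused outright.
        if set(hb) - {"sig"} != ALLOWED_FIELDS:
            return False, "unexpected fields: data minimisation violated"
        key = self.keys.get(hb["key_id"])
        if key is None:
            return False, "unknown key"
        # 2. Signature over the canonical payload, compared in constant time.
        expected = hmac.new(key, canonical({f: hb[f] for f in ALLOWED_FIELDS}), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, hb["sig"]):
            return False, "bad signature"
        # 3. Freshness: reject stale or future-dated timestamps.
        if abs(now - hb["sent_at"]) > MAX_SKEW_SECONDS:
            return False, "stale or future-dated"
        # 4. Monotonic counter: a replayed or reordered heartbeat is refused.
        if hb["counter"] <= self.last_counter.get(hb["key_id"], -1):
            return False, "replayed or reordered counter"
        self.last_counter[hb["key_id"]] = hb["counter"]
        return True, "ok"


if __name__ == "__main__":
    demo_key = b"constructed-demo-key"  # constructed; a real deployment uses the attested key
    verifier = HeartbeatVerifier({"dev-1": demo_key})
    print(verifier.verify(sign_heartbeat(demo_key, "dev-1", counter=1, sent_at=1000), now=1010))
```

The schema check comes first on purpose: a heartbeat that carries anything beyond the three allowed fields is rejected before any cryptography runs, which keeps the "no location or behavioural data" property enforceable at the ingress boundary rather than by convention.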

3. Data Exclusions

The Invariant SDK runs in an isolated sandbox and does not request the following permissions:

  • Biometric Data (FaceID/Fingerprint)
  • GPS / Geolocation History
  • Phone Numbers / SMS Logs
  • Contact Lists / Social Graph
  • Advertising ID (GAID/IDFA)
  • App Usage History

Invariant remains fully functional without access to any of the above.

4. Identifier Hashing

To prevent device fingerprinting across different applications, any hardware identifiers are salted and hashed (SHA-256 with per-context salts) before persistence.

Raw hardware serial numbers are processed in-memory during the handshake and discarded immediately. They are never written to disk.
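Per-context salted hashing as described in this section, as an added example that is not Invariant SDK code. It assumes the per-context salt is a secret 32-byte value held for each integrating application and applies SHA-256 as HMAC-SHA256 keyed with that salt; the serial number is a constructed sample. An unsalted digest is included for contrast, since that is exactly the cross-application linkage the per-context salt is there to prevent.

```python
"""Per-context identifier hashing. Added example, not Invariant SDK code.

Assumptions (constructed): one secret 32-byte salt per application context,
SHA-256 applied as HMAC-SHA256 keyed with that salt, sample serial numbers.
"""
import hashlib
import hmac
import secrets


def derive_context_salt() -> bytes:
    # One secret salt per integrating application (assumed key management).
    return secrets.token_bytes(32)


def hash_identifier(raw_id: str, context_salt: bytes) -> str:
    # HMAC-SHA256(salt, id): the same device yields unrelated digests in different contexts.
    return hmac.new(context_salt, raw_id.encode(), hashlib.sha256).hexdigest()


def unsalted_digest(raw_id: str) -> str:
    # Contrast case: plain SHA-256 gives one stable value everywhere, so it is a fingerprint.
    return hashlib.sha256(raw_id.encode()).hexdigest()


def handshake(raw_serial: str, context_salt: bytes) -> dict:
    """Produce the only record that may be persisted.

    The raw serial is used inside this function and not returned; the caller
    never receives anything but the digest.
    """
    return {"device_digest": hash_identifier(raw_serial, context_salt)}


def is_persistable(record: dict) -> bool:
    # Storage gate: only a 64-hex-char digest under the expected key is allowed through.
    digest = record.get("device_digest", "")
    return set(record) == {"device_digest"} and len(digest) == 64 and all(c in "0123456789abcdef" for c in digest)


if __name__ == "__main__":
    app_a, app_b = derive_context_salt(), derive_context_salt()
    serial = "SN-CONSTRUCTED-0001"
    print("app A:", hash_identifier(serial, app_a))
    print("app B:", hash_identifier(serial, app_b))
    print("unsalted, linkable:", unsalted_digest(serial))
```

Two caveats worth keeping in mind. Hardware serials have little entropy, so a digest whose salt is public can be reversed by enumeration; a keyed construction with a secret per-context salt is what makes the digest unlinkable in practice. And a Python string cannot be securely zeroed, so the "processed in memory and discarded" guarantee is a property of the native handshake code, not something this example can demonstrate beyond keeping the raw value out of the returned record.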