Frequently Asked Questions
Does MAX collect personal data?
No. The MAX App does not require email, phone number, name, address, or any identifying information.
The two secret phrases always remain on the device and are never sent to the server.
The server receives only public keys, SPHINCS+ signatures, and encrypted packets — data not linkable
to a real-world identity.
How is my identity generated?
The MAX identity is purely mathematical: all keys are derived deterministically and locally
from your two phrases using Argon2id, HKDF, MX² and the MAX engine (based on the MAX Prime Theory).
This means:
- no account is required;
- you can regenerate everything on any device;
- the server cannot reconstruct your private key or the keys of other modules.
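A minimal sketch of deterministic, local derivation as described above, added here as an illustration and not the MAX App's own code. Assumptions: scrypt stands in for Argon2id so that only the Python standard library is needed, the proprietary MX² and MAX engine steps are omitted, and the salt, module labels and function names are hypothetical.

```python
import hashlib
import hmac
import unicodedata

# Assumption: with no account and no server-side state, the salt has to be a
# fixed public constant, so all secrecy rests on the entropy of the phrases.
APP_SALT = b"example-app/identity/v1"               # constructed value
MODULES = ("login", "chat", "signature", "vault")   # hypothetical labels


def stretch(phrase_a: str, phrase_b: str) -> bytes:
    """Memory-hard stretch of both phrases into a 32-byte master secret."""
    parts = []
    for phrase in (phrase_a, phrase_b):
        # Normalize so every device encodes the same phrase to the same bytes.
        raw = unicodedata.normalize("NFKC", phrase).encode("utf-8")
        # Length prefix keeps ("ab", "c") distinct from ("a", "bc").
        parts.append(len(raw).to_bytes(4, "big") + raw)
    # scrypt is a stand-in for Argon2id (which is not in the stdlib).
    return hashlib.scrypt(b"".join(parts), salt=APP_SALT,
                          n=2**14, r=8, p=1, dklen=32)


def hkdf(ikm: bytes, info: bytes, length: int = 32, salt: bytes = b"") -> bytes:
    """HKDF-SHA256 (RFC 5869): extract, then expand under a purpose label."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_module_seeds(phrase_a: str, phrase_b: str) -> dict:
    """One independent seed per module; nothing here touches the network."""
    master = stretch(phrase_a, phrase_b)
    return {m: hkdf(master, b"seed/" + m.encode()) for m in MODULES}


if __name__ == "__main__":
    # Constructed sample phrases, for demonstration only.
    for name, seed in derive_module_seeds("first phrase", "second phrase").items():
        print(name, seed.hex())
```
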
What does “post-quantum” mean?
It means that the algorithms used by the MAX App (SPHINCS+ for signatures, FrodoKEM for key exchange)
are designed to resist future quantum computers, which would break classical methods such as RSA or ECC.
These algorithms are approved or recommended within the NIST PQC standardization process.
Can the server read my messages?
No. In MAX Chat, the server acts as a simple blind courier.
Messages are end-to-end encrypted with FrodoKEM + MX².
Even with full database access, the server sees only:
- public keys;
- encrypted packets;
- SPHINCS+ signatures.
What exactly is the MAX-ID?
The MAX-ID is a mathematical identifier built from a Merkle root over ~300 deterministic primes
generated from your phrases. Only a small subset (around 5 at a time) is ever shown in packets;
the rest always remains local.
Even after observing hundreds of logins, no one can reconstruct the initial phrases or the full set of primes.
Can I verify signatures or decrypt files offline?
Yes.
The MAX App can:
- generate SPHINCS+ keys without any connection;
- verify SPHINCS+ signatures offline;
- decrypt local MX² containers;
- prove that keys are created by the device, not by the server.
What happens if I change devices?
Just re-enter your two secret phrases (or import the encrypted MX² QR).
Because the keys are deterministic, your mathematical identity remains the same.
No cloud restore is needed, and no accounts exist to recover.
What if I lose my phrases?
The phrases are the user’s only secret: if lost, they cannot be recovered.
You can create an encrypted MX² QR protected by a password and store it offline
(printed or on a secure personal device).
Is MAX open source?
The app’s code is not open source, but the system is designed to be mathematically verifiable.
Anyone can check:
- SPHINCS+ signatures produced by the app;
- FrodoKEM public keys;
- exported MX² containers;
- the deterministic relation phrases → keys → MAX-ID.
Can I use MAX in a business context?
Yes, but it requires a separate license.
Commercial use of the modules (MAX Login, MAX Chat, MAX Signature, MAX Vault, MAX Prime)
is subject to a professional license that ensures security, support, and controlled integration.