MAX was created to eliminate the need for emails, phone numbers, and centralized accounts. Your identity is not tied to a server: it is entirely mathematical, built from a set of keys generated from two secret phrases that remain on your device and never leave your control.

This approach enables a level of privacy and security impossible in classic account-based models: no intermediary holds copies of your private keys, and no one can reconstruct your identity from server-stored data.

Privacy by design

• No tracking, no analytics, no hidden identifiers.
• No personal data required to use the app (no email, no phone number).
• Your phrases stay local: they are never sent, stored, or synced.
• The server sees only public keys, SPHINCS+ signatures, and encrypted packets — all information not linkable to a real-world identity.
• Your mathematical identity can be reconstructed at any time, on any device, simply by re-entering the two secret phrases.

Real-world security

• SPHINCS+ for logins, registrations, and file signatures (post-quantum, stateless).
• FrodoKEM for secure secret exchange in MAX Chat.
• MX² (XChaCha20-Poly1305 + Argon2id) for modern, robust local encryption.
• Each module (Login, Chat, Lock, Signature) uses different keys, generated in isolated contexts: a compromise does not propagate to other modules.
• Private keys are never transmitted or stored on the server. Even with full database access, no one can reconstruct your identity.

Verifiable, even without open source

The MAX App does not require blind trust: it is designed to be externally verifiable. A technician can independently confirm that the system works as declared, thanks to:

• key generation and packet creation even in offline mode;
• export of SPHINCS+ signatures and public keys for independent verification;
• MX² decryption of exported containers on another user-controlled device;
• proof that the server never generates or influences private keys.

Everything can be checked using mathematics and standard tools: open-sourcing is not required, because the system already supports cryptographically-verifiable transparency.

A unique mathematical foundation

The core of the identity engine is the MAX Prime Theory, an original theory on prime numbers that allows the generation of deterministic, high-entropy structures from which the MAX-ID and part of the app’s keys are derived.

This approach combines a simple user experience with security based on verifiable mathematical properties, not on personal data or centralized servers.