1. Zero Data Philosophy
We cannot disclose your data because we do not possess it. Phantom Protocol is architected around principles of absolute data minimization. The cryptographic keys securing your local message payload never leave your device. Our servers are computationally blind to your real-time audio and video feeds, which are relayed directly peer-to-peer.
2. What We Actually Store
To establish initial routing handshakes (signaling), we temporarily utilize Firebase Authentication and Firestore.
- Authentication: Only the minimal identifiers required to map a user ID to a session. If you sign in via Google, Firebase retains your email and OAuth token. You can also sign in anonymously to omit this completely.
- Signaling Keys: We briefly transmit encrypted signaling packets to negotiate the WebRTC mesh connection. Once connected, the infrastructure drops the handshake data.
3. Local Device State
Your long-term private keys, identity shards, and text message histories are persistently stored in your browser's local IndexedDB. If you clear your browser cache or uninstall the app, your history is critically irrecoverable and permanently destroyed.
4. Tracking & Analytics
We run zero third-party telemetry. Zero tracking scripts. Zero analytics. Not now, not ever.
5. Government Requests
When served with a legally compelling, enforceable subpoena or warrant, our standard response dictates full compliance. However, we will only submit the data we possess. Because we do not log chat history, possess your master encryption keys, or route your secure mesh traffic, any payload surrender will be inherently indecipherable to the requesting authority. The math protects you where policies fail.