0.1.1-beta

PQPG Architecture Update: The "Phantom Workspace"

With this architectural overhaul, PQPG fundamentally neutralizes "Evil Maid" attacks, cold-boot memory dumps, and physical forensic SSD extraction. By bridging Golang's native streaming capabilities with OS-level memory isolation, we have successfully decoupled the Cryptographic Control Plane (your private keys and state) from the Data Plane (your files).

All identity-linked cryptographic operations now execute entirely within a zero-trace, ephemeral RAM-disk.

Core Security Upgrades

• Zero-Trace Execution Pipeline (/dev/shm): At launch, PQPG now dynamically mounts an invisible, strictly-permissioned (0700) Phantom Workspace in volatile RAM. Master keys, Address Books, and Double Ratchet databases are decrypted directly into this hardware-backed memory layer. If the machine loses power, the kernel panics, or the CLI process is killed, the RAM clears instantly. Zero physical trace survives on the SSD flash chips.
• Atomic State Rollbacks: The Double Ratchet state engine (sessions.db) now updates exclusively inside the RAM-disk during packet decryption. If a message is malformed, fails the AES-GCM MAC check, or attempts a replay attack, the RAM-disk is violently shredded and the persistent SSD database remains completely untouched, preventing state corruption.
• Hardware-Style Anti-Rollback Guards: Stateful Hash-Based Signatures (LMS/XMSS) now load their mathematical sequence counters and canary.bin tracking files into the Phantom Workspace. The OS kernel enforces synchronized state progression in RAM, safely writing back to the SSD only upon a flawless, verified signature generation.
• Air-Gapped Identity Generation: The identity.GenerateIdentity engine now boots inside the Phantom Workspace. Unencrypted Post-Quantum lattice keys and Hash-Based signature parameters are generated and mathematically bound strictly in volatile memory before being sealed via Argon2id/AES-GCM and safely extracted to the persistent disk.

Under the Hood (Developer Notes)

• New Package Integration: Introduced internal/phantom, providing the Workspace and Bridge logic. The bridge handles the bit-by-bit secure copy (I/O) of the encrypted AES-GCM vault from the persistent disk into the RAM mount.
• Cross-Platform Graceful Fallback: While natively targeting Linux /dev/shm for hardware-level volatility without requiring sudo privileges, the engine gracefully falls back to strict OS-level temporary directories on macOS and Windows.
• Identity-Less Protocol Bypass: Asynchronous Time-Lock Puzzles (VDFs) and Steganographic engines inherently avoid the Phantom pipeline, as their mathematical operations are strictly stateless and process without mutating the user's identity directory.