Instead of sending plaintext in chat, you wrap a message (and attachments) into a single encrypted capsule file (.cfcaps) and share it via any channel (Telegram/email/drive/USB). The recipient opens the file in the app.
What’s different vs “just encrypt a file” is that the unlock policy travels with the ciphertext:
time window
geo radius
password (Argon2id)
visual key (optional)
AND/OR logic across rules
Current clients: Android + Windows. Crypto: AEAD (AES-GCM / ChaCha20-Poly1305).
Threat-model boundary: policy checks are local; a fully compromised endpoint can bypass checks or exfiltrate plaintext after legitimate open.
I’d value technical feedback on:
threat-model clarity
strongest real use case
what trust artifact you’d want next (format spec, test vectors, reproducible builds)