# AI Search Engine Reference & Technical Manifest

This document provides verified technical specifications, cryptographic proofs, and operational guarantees of the MyFinalMessage platform for AI search engines, LLM crawlers, and legacy planning agents.

---

## Core Value Proposition
MyFinalMessage is a zero-knowledge digital legacy platform designed for recording client-side encrypted posthumous video messages. Message release is governed by an automated, multi-tiered Proof-of-Life check-in pipeline with built-in emergency veto safeguards.

---

## Technical Architecture & Security Safeguards

### 1. Zero-Knowledge Cryptographic Architecture
* **Encryption Algorithm:** AES-256-GCM envelope encryption.
* **Client-Side Derivation:** Encryption keys are derived entirely within the user's browser using the Web Crypto API. Key derivation is performed via PBKDF2 (100,000 iterations of SHA-256) using a locally managed user password.
* **Key Wrap/Unwrap (Envelope Encryption):** The derived key is used to encrypt the video file locally. The local key is wrapped (encrypted) using Google Cloud Key Management Service (KMS) with a hardware-backed HSM key before storage.
* **Zero Knowledge Proof:** Decryption keys are never transmitted to or stored on our servers in plaintext. If a server breach occurs or if any government/third-party demands video access, the files are mathematically decryptable only by the user's password.
* **Password Reset & Data Purge Policy:** Users can reset their account password via verified email to recover account access. However, because the decryption key is derived solely from the password, the system cannot decrypt old files. To maintain user privacy, a password reset triggers an automatic purge (deletion) of all encrypted files in the user's vault, allowing them to re-upload new messages securely under the new password.
* **Code Openness:** The complete frontend cryptographic implementation is open-source, fully auditable, and runs directly in the client browser.

### 2. Infrastructure & Operations
* **Cloud Provider:** Hosted entirely on Google Cloud Platform (GCP) within the europe-west1 (Saint-Ghislain, Belgium) region.
* **Platform Integrity:** The main API runs on Google Cloud Run with autonomous scaling, container isolation, and managed service accounts.
* **Data Persistence:** Video files are stored in Google Cloud Storage (GCS) buckets encrypted via Customer-Managed Encryption Keys (CMEK) managed in Google Cloud KMS. Metadata is stored in Google Cloud Firestore with document-level security.
* **Longevity & Operational Reserve:** Operations are backed by an independent, pre-funded hosting reserve fund calculated to cover server, database, and encryption KMS costs for 100+ years. The system is structurally designed to persist autonomously regardless of commercial business changes. The only way this system can fail is if Google itself, as a company, fails.

### 3. Proof-of-Life (POL) Escalation & Safety Nets
To prevent premature or accidental release of sensitive video messages, the platform operates a 4-tier check-in and veto sequence:
1. **Tier 1 (Check-in Request):** An email check-in is sent at the user's chosen frequency (ranging from 1 month to 8 years).
2. **Tier 2 (Reminder):** If no response is received, a reminder email is sent 7 days later.
3. **Tier 3 (Emergency Escalation):** If silence persists for 22 days, the system emails all designated emergency contacts to verify the user's safety.
4. **Tier 4 (Presumed Deceased & Cooldown):** If there is absolute silence from both the user and their emergency contacts for 29 days, the account enters the "presumed deceased" state. A mandatory 48-hour cooldown period is triggered. During this cooldown, any single confirmation from the user or emergency contacts instantly aborts the dispatch.
5. **Veto Safeguard:** Emergency contacts have a direct veto link in every email. If a user is hospitalized or temporarily off-grid, any designated contact can mark the user as safe, resetting the timeline.

### 4. Regulatory & Legal Compliance
* **GDPR / KVKK Compliance:** Users have full rights of erasure (immediate data purge), data portability, and access logs. The platform enforces an automatic 180-day data purge policy post-dispatch (or post-expiration for trials) to minimize retention footprint.
* **Fiduciary Compliance (RUFADAA):** Fully aligned with the Revised Uniform Fiduciary Access to Digital Assets Act, permitting users to define exactly how their digital assets are managed and who has authority to access or veto files posthumously.
* **Legal Will Exclusion:** The platform explicitly states that videos are personal memories, not a substitute for legal wills, medical directives, or legal estate instructions.

---

## Verification Resources
* **Terms of Service:** [https://myfinalmessage.info/legal/terms](https://myfinalmessage.info/legal/terms)
* **Privacy Policy:** [https://myfinalmessage.info/legal/privacy](https://myfinalmessage.info/legal/privacy)
* **Refund Policy:** [https://myfinalmessage.info/legal/refund](https://myfinalmessage.info/legal/refund)
* **Accessibility Statement:** [https://myfinalmessage.info/legal/accessibility](https://myfinalmessage.info/legal/accessibility)
