Parable docs

Parable is the user-facing application of the Ma'atara Protocol, a post-quantum, hardware-rooted content provenance platform. Everything you do here is signed by a self-sovereign identity that lives only on your device. The server never stores your keys, your recovery phrase, your plaintext notes, or your email address (the auth worker sees the verified address only for as long as it takes to hash it; see section 6). This page is a long-form, multi-stakeholder explainer of what each piece does and how the pieces fit together.

PATENT PENDING · Ma'atara Protocol · ma-atara.io

1. Identity as architecture

Every Parable account is a decentralised identifier of the form did:maatara:<sha3-384(publicKey)>. It is minted on your device from a 24-word recovery phrase and a hardware-bound passkey. The signing key is an ML-DSA-44 pair (NIST FIPS 204, the standardised form of Dilithium2); the key for sealing data at rest is an ML-KEM-768 pair (NIST FIPS 203, the standardised form of Kyber768). Both key pairs are deterministically derived from the recovery phrase, so the same person on the same phrase always re-derives the same DID on any device (the passkey is therefore not an input to key derivation; it gates use of the derived keys on the device it is enrolled on).

The implication is large: there are no usernames, no password databases, and no central authority that can spoof, freeze, or forge you. Every action you take inside Parable — saving a note, anchoring a chain block, registering provenance, granting AI consent — is a Dilithium-signed statement carrying your DID as its author. Anyone, anywhere, can verify it without a permission slip from us.

2. The Notes app

The Notes app is the everyday face of Parable. It looks like a familiar end-to-end-encrypted notebook with rich text, attachments and version history — but underneath, every note is a signed object in your personal chain. The mechanics:

  • On-device editor. The note body and attachments never leave your device in plaintext. Each is hashed with SHA3-384 and encrypted under a per-note key; that key is wrapped under a shared secret encapsulated to your ML-KEM (Kyber768) public key, so only a device holding the matching private key can unwrap it. Only the ciphertext plus the signed commitment are shipped to storage.
  • Version history. Each save is a new signed block referencing the previous one. You can scrub through every revision (see Notes → Version History) and prove exactly which version was authored when.
  • Attachments addressed by hash. Images, PDFs and audio live in a content-addressed store keyed by their SHA3-384 digest, so a single attachment shared across many notes is stored once and tampering is detectable instantly.
  • Optional Aegis protection. Tick Protect with Aegis on any note to lift its commitment into the public provenance fabric — without revealing the content. See How Aegis protects your notes.
  • Cross-device. Restore the same DID on any device using your recovery phrase and your encrypted note chain re-materialises locally. The server only ever sees signed ciphertext.

3. Veritas — your personal chain

Veritas is the per-user, append-only chain that records every consequential action on your DID — note saves, key rotations, provenance registrations, consent statements, device pairings. Each block is a Dilithium-signed JSON envelope containing the SHA3-384 hash of its payload and a hash pointer to the previous block.

Crucially, the chain itself is held by you. The edge stores commitments — hashes and signatures — not contents. That gives you a tamper-evident, audit-grade record of your own activity that survives device loss, but which we cannot read or compel. You can browse it in the Chain inspector and verify any block via the public verification API (see Developer endpoints).
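As an added example (not Parable's or Ma'atara's own code), the hash-linkage half of a Veritas chain in Python: each block carries the SHA3-384 of its payload and a hash pointer to the canonical JSON of the previous block, so a verifier holding only the commitments can check authorship, sequencing and linkage, and the DID form from section 1 is used for the author field. The ML-DSA signature the protocol places over each envelope is not produced here, because the standard library has no FIPS 204 implementation; hex encoding of the DID digest, the field names, the canonical-JSON rule and every sample payload are assumptions of the example.

```python
import hashlib
import hmac
import json

# Width of a hex-encoded SHA3-384 digest; the genesis "prev" pointer is all zeros (assumption).
DIGEST_HEX_LEN = 96
GENESIS_PREV = "0" * DIGEST_HEX_LEN


def sha3_384_hex(data: bytes) -> str:
    return hashlib.sha3_384(data).hexdigest()


def did_from_public_key(public_key: bytes) -> str:
    # did:maatara:<sha3-384(publicKey)>; hex encoding of the digest is an assumption.
    return "did:maatara:" + sha3_384_hex(public_key)


def canonical(envelope: dict) -> bytes:
    # Deterministic serialisation so every verifier hashes exactly the same bytes.
    return json.dumps(envelope, sort_keys=True, separators=(",", ":")).encode()


def block_id(block: dict) -> str:
    return sha3_384_hex(canonical(block))


def append_block(chain: list, did: str, kind: str, payload: bytes, ts: int) -> dict:
    """Append a commitment to `payload` (e.g. a note's ciphertext) to the chain.

    Only the SHA3-384 of the payload enters the block, matching the
    'commitments, not contents' model. The ML-DSA signature over the envelope
    is not produced here (no standard-library implementation exists).
    """
    block = {
        "did": did,
        "seq": len(chain),
        "kind": kind,
        "prev": block_id(chain[-1]) if chain else GENESIS_PREV,
        "payload_hash": sha3_384_hex(payload),
        "ts": ts,
    }
    chain.append(block)
    return block


def head_id(chain: list) -> str:
    # The value a signed head receipt would commit to.
    return block_id(chain[-1]) if chain else GENESIS_PREV


def verify_chain(chain: list, did: str) -> tuple:
    """Check authorship, sequencing and hash linkage using no payloads at all."""
    expected_prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block.get("did") != did:
            return False, f"block {i}: author is not {did}"
        if block.get("seq") != i:
            return False, f"block {i}: sequence number mismatch"
        if block.get("prev") != expected_prev:
            return False, f"block {i}: prev pointer mismatch"
        if len(block.get("payload_hash", "")) != DIGEST_HEX_LEN:
            return False, f"block {i}: malformed payload hash"
        expected_prev = block_id(block)
    return True, "ok"


def verify_payload(block: dict, payload: bytes) -> bool:
    # Constant-time comparison of a presented payload against its commitment.
    return hmac.compare_digest(block["payload_hash"], sha3_384_hex(payload))


def demo() -> dict:
    did = did_from_public_key(b"constructed sample public key bytes")  # constructed
    chain = []
    append_block(chain, did, "note.save", b"ciphertext of note v1", 1_700_000_000)
    append_block(chain, did, "note.save", b"ciphertext of note v2", 1_700_000_060)
    append_block(chain, did, "key.rotate", b"signed rotation statement", 1_700_000_120)
    recorded_head = head_id(chain)  # what a signed head receipt would pin

    # Rewriting history in the middle: every later prev pointer breaks.
    rewritten = [dict(b) for b in chain]
    rewritten[1]["payload_hash"] = sha3_384_hex(b"forged v2")
    # Tampering with the newest block: linkage alone cannot see it, the head can.
    clipped = [dict(b) for b in chain]
    clipped[-1]["payload_hash"] = sha3_384_hex(b"forged rotation")

    return {
        "valid": verify_chain(chain, did),
        "rewritten": verify_chain(rewritten, did),
        "clipped_linkage": verify_chain(clipped, did),
        "clipped_head_matches": head_id(clipped) == recorded_head,
    }
```

The last case in demo() is the caveat a practitioner should keep in mind: a hash chain only catches an edit that has a successor. The newest block is protected by its own signature and by the signed head receipt returned from the head endpoint, which is why the example compares against a recorded head rather than trusting linkage alone.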

4. Aegis — public provenance fabric

Aegis is the public side of provenance. Where Veritas is your private ledger, Aegis is the global, queryable index where you choose to publish hash-only fingerprints so the world can verify your authorship of a piece of content without ever seeing the content.

It uses a multi-layer fingerprint stack: SHA3-384 of the raw bytes for exact match, PDQ perceptual hashes for images, TMK+PDQF for video, SimHash-256 over k-gram shingles for text, and DINOv2 embeddings for semantic image similarity. None of these can be inverted to recover the content, although the perceptual and semantic layers do, by design, reveal whether two items are similar. You can register, query and verify against Aegis from the Detect and Verify pages, and the long-form explainer for the Notes integration is at /docs/aegis.
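As an added example (not Aegis's own fingerprinting code), the text layer of that stack in Python: a 256-bit SimHash over word k-gram shingles, Hamming distance between fingerprints, and a brute-force nearest-neighbour lookup of the shape a fingerprint search would perform. The page does not name the per-shingle hash, the tokenisation or the match radius, so SHA3-256, lower-cased word trigrams, a 64-bit radius and all three sample texts are assumptions of the example.

```python
import hashlib
import re

FP_BITS = 256


def shingles(text: str, k: int = 3) -> list:
    """Word k-grams over a lower-cased, punctuation-stripped token stream (assumed tokeniser)."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    if not words:
        return []
    if len(words) < k:
        return [" ".join(words)]
    return [" ".join(words[i:i + k]) for i in range(len(words) - k + 1)]


def simhash256(text: str, k: int = 3) -> int:
    """SimHash: one majority vote per bit position across the shingle hashes.

    SHA3-256 as the per-shingle hash is an assumption of this example.
    """
    votes = [0] * FP_BITS
    for sh in shingles(text, k):
        h = int.from_bytes(hashlib.sha3_256(sh.encode()).digest(), "big")
        for bit in range(FP_BITS):
            votes[bit] += 1 if (h >> bit) & 1 else -1
    fp = 0
    for bit, v in enumerate(votes):
        if v > 0:
            fp |= 1 << bit
    return fp


def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


def is_near_duplicate(a: int, b: int, max_distance: int = 64) -> bool:
    # A quarter of the bits is a generous near-duplicate radius; unrelated
    # texts land around 128 of 256 bits apart.
    return hamming(a, b) <= max_distance


def nearest(fp: int, index: dict) -> tuple:
    """Brute-force nearest neighbour over {content_id: fingerprint}."""
    if not index:
        return None, FP_BITS
    best_id = min(index, key=lambda cid: hamming(fp, index[cid]))
    return best_id, hamming(fp, index[best_id])


# Constructed sample texts; the fingerprints reveal nothing of the prose itself.
ORIGINAL = (
    "The reporter filed the photograph from the square at dawn, before any agency "
    "had seen it, and registered a fingerprint of the file under her own identifier. "
    "Weeks later a cropped and recompressed copy surfaced on another site, and the "
    "fingerprint was enough to show which version came first without the newsroom "
    "ever handing the original image to a third party or revealing what it showed."
)
EDITED = ORIGINAL.replace("photograph", "picture")  # a one-word edit
UNRELATED = (
    "Rotate the prekey bundle every epoch, publish the new bundle to the key fabric, "
    "and mark the previous fingerprint as superseded in the status registry so that "
    "peers who cached it stop using it for fresh sessions."
)


def demo() -> dict:
    index = {"orig": simhash256(ORIGINAL), "other": simhash256(UNRELATED)}
    probe = simhash256(EDITED)
    cid, dist = nearest(probe, index)
    return {"match": cid, "distance": dist, "near": is_near_duplicate(probe, index["orig"])}
```

The fingerprint of the edited text sits a few dozen bits from the original and roughly half the bits from the unrelated text, which is the whole point of the layer: a verifier can say "this is substantially the registered prose" without the registry ever holding a byte of it.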

5. AI consent

Modern AI systems are trained on the open web, usually without asking the people who wrote it. Parable will let you attach a machine-readable consent statement to any content you publish, following the IETF AI-Pref specification and signed under your DID so the statement is non-repudiable.

The consent worker (ai-consent.ma-atara.io) stores a SHA3-384-keyed record of your preferences (training, fine-tuning, retrieval-augmented use, derivative works, attribution requirements) and serves them under the canonical AI-Pref endpoint. Crawlers and model providers can resolve a content URL → AI-Pref policy → signed proof in a single HTTPS call. A public preview is wired up at /consent; the full publisher dashboard ships next.

6. Privacy & the zero-knowledge email linkage

One of the hardest problems in a self-sovereign identity system is continuity: how do we recognise that the person signing in today on a freshly-wiped device is the same person who created an identity here last year — without keeping a copy of their email, name or any other linkable identifier on a server that could one day be breached, subpoenaed, or quietly mined?

Parable's answer is a deliberately one-way email linkage. When you sign in through the Google OAuth flow, the auth worker takes the verified email address, normalises it, and computes an HMAC over it using a server-side secret that never appears in code, logs, exports, or backups. Only that HMAC digest is stored: the KV key is literally account:h:<hash>, and the plaintext email is discarded the moment the digest is computed. Discarding the plaintext is a server-side promise rather than something a client can verify; for this one property the auth worker is the trust boundary.

Why this counts as a zero-knowledge linkage in practice (strictly, it is a keyed pseudonymous index rather than a zero-knowledge proof):

  • Given a copy of the database alone, an attacker cannot reverse a hash back to an email: without the HMAC secret there is no way to recompute digests, so a dictionary attack over the world's email addresses has nothing to test against. The flip side is that whoever holds the secret can test any candidate address, so the secret, not the digest length, is the security boundary, and it is held only by the auth worker.
  • We can still answer the only question we need to ask, "have we seen this email before?", by hashing the new sign-in with the same secret and checking for a match. Yes/no, nothing more.
  • Audit rows store only the first 16 hex characters (64 bits) of the hash plus a redacted display form (r***s@gmail.com), so operators can spot abuse patterns without ever holding addresses.
  • Your DID, your recovery phrase, your passkey private keys and your note contents are never sent to or stored on any Parable server. Not encrypted-at-rest, not in transit, not in backups. Self-custody is enforced by the protocol, not by policy.

This linkage is what powers the "Welcome back" chooser: when a known email signs in on a wiped device, we can offer to restore their existing DIDs from their recovery phrase instead of silently minting a new orphan identity — without us ever having had a list of email addresses to compromise in the first place.
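As an added example (not the auth worker's own code), the linkage in Python end to end: normalise the address, HMAC it under the server-side secret, key the index by account:h:<hash>, derive the audit fields, and answer the "Welcome back" question on a later sign-in. It also shows what a dump of the index gives an attacker who lacks the secret. The normalisation rule (trim and lower-case), SHA3-384 as the HMAC hash, the redaction rule for short local parts, and the secret and addresses are all assumptions of the example.

```python
import hashlib
import hmac

KEY_PREFIX = "account:h:"
AUDIT_PREFIX_HEX = 16  # 64 bits of the digest: enough to correlate rows, not to identify


def normalise_email(email: str) -> str:
    # The page says the address is normalised but not how; trim + lower-case is assumed.
    return email.strip().lower()


def email_hash(email: str, secret: bytes) -> str:
    # HMAC under the server-side secret; SHA3-384 as the HMAC hash is an assumption.
    return hmac.new(secret, normalise_email(email).encode(), hashlib.sha3_384).hexdigest()


def account_key(email: str, secret: bytes) -> str:
    return KEY_PREFIX + email_hash(email, secret)


def redact_email(email: str) -> str:
    """Display form like r***s@gmail.com: first and last local-part characters only.

    Local parts shorter than two characters are fully masked (assumed rule).
    """
    local, _, domain = normalise_email(email).partition("@")
    if len(local) < 2:
        return "***@" + domain
    return f"{local[0]}***{local[-1]}@{domain}"


def audit_record(email: str, secret: bytes) -> dict:
    return {
        "hash_prefix": email_hash(email, secret)[:AUDIT_PREFIX_HEX],
        "display": redact_email(email),
    }


class AccountIndex:
    """The KV index the auth worker keeps: keyed digest -> DIDs, never an address."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._kv = {}

    def link(self, email: str, did: str) -> None:
        key = account_key(email, self._secret)
        dids = self._kv.setdefault(key, [])
        if did not in dids:
            dids.append(did)
        # The plaintext address is not retained past this point.

    def known_dids(self, email: str) -> list:
        # The 'Welcome back' question: have we seen this address before, and which DIDs?
        return list(self._kv.get(account_key(email, self._secret), []))

    def dump(self) -> dict:
        # What a breach of the index yields: keyed digests and DIDs only.
        return {k: list(v) for k, v in self._kv.items()}


def offline_dictionary_attack(dump: dict, candidates: list) -> list:
    """What an attacker holding only the dump can do: hash candidate addresses
    under guessed secrets. Without the real secret nothing matches."""
    hits = []
    for guessed_secret in (b"", b"secret", b"password"):  # constructed guesses
        for email in candidates:
            if account_key(email, guessed_secret) in dump:
                hits.append(email)
    return hits
```

The index answers membership for the holder of the secret and nothing for anyone else, which is exactly the property the page is after; it also makes the operational point concrete, because rotating the secret invalidates every existing key and re-linking then needs a fresh sign-in from each address.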

7. The provenance packages

Under the hood Parable is composed of a small number of focused services, each with a single responsibility and a clear cryptographic contract:

Service | Hosted at | Responsibility
Core | notes.ma-atara.io | Veritas chain (append/head/blocks), notes ciphertext store, content-addressed attachment store, cross-device pairing.
Aegis | aegis.ma-atara.io | Public provenance fingerprints (image, video, text), register + query + verify, hash-only.
Auth | auth.ma-atara.io | OAuth bridge, passkey/OPAQUE registration, HMAC-hashed account index, DID linkage, abuse controls. Stores no plaintext email and no key material.
Edge Key Fabric | ekf.ma-atara.io | Distributed PQC key lifecycle: prekey bundles, trust kernels, key-status registry, signed rotation epochs.
AI Consent | ai-consent.ma-atara.io | IETF AI-Pref consent records, signed under your DID, resolvable per content hash.

All five run on Cloudflare's edge in 300+ cities and speak the same wire format: every request is a Dilithium-signed envelope; every response is a signed receipt. A separate Rust workspace compiles the post-quantum primitives to WebAssembly so the same code paths run on the edge and in your browser.

8. Developer endpoints

Signed-in accounts can drive the entire protocol from outside the Parable UI. All endpoints accept a Dilithium-signed envelope, return a signed receipt, and are CORS-enabled for the prabl.ai origin. The Developer Dashboard exposes them with live status and example payloads. A pragmatic subset:

Method | Endpoint | Purpose
POST | core /api/chain/append | Append a signed block to your Veritas chain.
GET | core /api/chain/head | Current head + signed receipt.
GET | core /api/chain/blocks | Paginated block list for audit.
GET / PUT | core /api/notes/<did>/<noteId> | Read / write a signed note ciphertext object.
GET | core /api/notes/<did>/<noteId>/versions | Per-note version history.
POST | core /api/pair/offer | Cross-device pairing handshake.
POST | aegis /api/register | Publish a hash-only image provenance capsule.
POST | aegis /api/register/video | TMK+PDQF video fingerprint registration.
POST | aegis /api/register/text | SimHash-256 chunk registration for prose.
POST | aegis /api/search/fragment | Nearest-neighbour lookup by fingerprint.
POST | aegis /api/verify | Verify a signed provenance proof.
GET | ekf /api/capabilities | Discover edge key fabric capabilities.
POST | ekf /api/prekeys/upload | Publish a signed prekey bundle.
GET | ekf /api/key/status/<fingerprint> | Key Status Registry lookup (rotation/revocation).
POST | consent /api/v1/consent | Publish a signed AI-Pref consent record.
GET | consent /api/v1/consent/<contentId> | Resolve the AI-Pref policy for a piece of content.

The complete machine-readable spec is exposed by the docs worker at docs.ma-atara.io (OpenAPI + signed schemas). For integration help, sign in and head to the Developer Dashboard — it exercises every endpoint against your own DID with replayable curl snippets.

Building a one-click Share to Parable button or a Create note action into another app? See the dedicated integrator guide — it documents the compose URL contract, the data shape and the privacy guarantees.

9. Who we build for

Ma'atara is a protocol, not a product — and we're actively looking for partners and integrators to put it under their own workflows. If you recognise your work in any of the patterns below, we'd like to talk. We're committed to re-grounding the trust axis of digital life: who made this, when, and under what consent. Everything else follows from that.

Creators & journalists

Prove that a photograph, an article or a draft existed on a given date, signed under your name, before anyone else can claim it — without uploading the content itself. Built for breaking news, manuscripts and evidentiary photography, where the priority order is first, intact, attributable.

Enterprises & regulated industries

Hardware-rooted, post-quantum signing for documents, model artefacts, software releases and audit trails. Veritas chains give you a tamper-evident internal ledger; Aegis lets you publish only the fingerprints external auditors need. Designed to drop in alongside existing SIEM, HSM and compliance pipelines rather than replace them.

Research & integrity

The replication crisis is, at heart, a provenance problem: methods, parameters and datasets that cannot be reconstructed from what was published. Parable lets researchers pre-register hypotheses, sign the full methodology and pin the dataset fingerprint under a Dilithium-signed timestamp, private until you publish, verifiable from day one. We see replicable research and reproducible method as a critical frontier and are actively shaping integrations for that work.

AI labs & model providers

Resolve the IETF AI-Pref policy on any content you crawl, with a signed proof you can keep in your training-set manifest. Good-faith consent handling without re-implementing crawl infrastructure — and a clean audit trail when the regulator asks how you knew.

Regulators & platforms

Verify authorship and provenance of any piece of content against a public index, with no access to the content itself and no dependence on any single platform. Aligns with C2PA, EU AI Act content-marking and the emerging duty-of-care provenance regimes.

Everyday users

A really nice notes app where the words you write stay yours — readable on every device you own, invisible to everyone else, and provably authored by you whenever you need that to be true.

Partners & integrators

If you ship anything where authorship, consent or evidentiary integrity matter — a CMS, a journal platform, a model registry, a court e-filing system, a creator marketplace — Ma'atara is designed to slot underneath it. Reach out at ma-atara.io.


Parable is the application layer; Ma'atara is the protocol. The protocol is patent pending. The cryptographic primitives are NIST-standard, FIPS-aligned, and post-quantum by default. With the one exception of the email linkage in section 6, which relies on the auth worker discarding the plaintext address as promised, nothing on this page describes a feature that depends on trusting Ma'atara: every other claim above is verifiable from public signatures and open standards. If something looks wrong, sign in and verify it yourself on the Verify page.