Secure Legion

SecurePay Overview SecurePay is a feature within the Secure Legion ecosystem designed for private, cross-chain cryptocurrency payments. It allows users to request and send funds (specifically Solana and Zcash) directly through encrypted chat messages. The system is built on the NLx402 protocol and prioritizes privacy by routing all traffic through Tor and using end-to-end encryption.

Core Features

• Cross-Chain Support: Users can send and receive both Solana (SOL) for speed and Zcash (ZEC) for maximum privacy.
• Zero Metadata: Payments travel through Tor hidden services, ensuring no metadata about who is paying whom is exposed.
• Serverless Architecture: The system is peer-to-peer with no central server to log transactions or store data.
• End-to-End Encryption: All payment messages are encrypted using XChaCha20-Poly1305.
• Verifiable Requests: Uses the NLx402 protocol to generate cryptographic payment quotes, ensuring payments are linked to specific requests.

How It Works (5-Step Process)

1. Create Request: A user (Alice) creates a request for funds (e.g., 0.5 ZEC). The system generates an “NLx402 quote” with a unique hash.
2. Encrypted Transmission: This request is encrypted and sent to the recipient (Bob) via Tor using the “Ping-Pong Wake Protocol.”
3. Review: Bob receives the request in the chat interface, reviews the amount, and decides whether to approve it.
4. Send Payment: If Bob approves, he signs the transaction on the blockchain. The transaction includes a memo (NLx402:<quote_hash>) linking it to Alice’s original request.
5. Verification: Bob sends a confirmation message with the signature. Alice’s device verifies the transaction on the blockchain and confirms the memo matches her quote.

Technical Protocols & Security

Ping-Pong Wake Protocol: This ensures messages are delivered peer-to-peer without servers.

• Ping: Sender transmits an encrypted “wake” signal to the recipient’s Tor address (.onion:8080).
• Pong: Recipient acknowledges availability.
• Message: The full encrypted payment payload is delivered only after this handshake.
• Benefits: Instant delivery when online, automatic retries when offline, and no metadata leaks.

Unified Cryptography (Solana-Based Keys):

• The system uses Ed25519 keypairs (standard for Solana) for everything: identity, encryption, and routing.
• One Seed Phrase: A single backup phrase restores your messaging history, wallet funds, and Tor identity.
• Key Derivation: The master Ed25519 key signs transactions; an X25519 key is derived for message encryption; and the Tor .onion address is generated from the public key.

NLx402 Payment Protocol:

• Inspired by the HTTP 402 code (“Payment Required”).
• Creates a quote_id and hash for every transaction.
• Prevents “replay attacks” (claiming the same payment twice) by tracking these hashes in a local SQLCipher database.

Supported Currencies

• Solana (SOL): Optimized for speed (~400ms finality) and low fees.
• Zcash (ZEC): Optimized for maximum privacy with shielded transactions (~75s speed).

Security Considerations

• Device Security: Private keys are stored in the Android Keystore or an encrypted database. If the device is compromised, funds are at risk.
• Tor Requirement: An active Tor connection is required to send or receive payment requests.
• Seed Phrase: Users are responsible for their BIP39 mnemonic phrase; losing it means losing access to both funds and identity.

It was a challenge getting two devices to communicate over Tor without any notification relay or servers. Our ping-pong wake protocol was paramount to this success, but it wasn’t easy — we had to develop a solid ACK system with TAP and retry workers. Our goal was to create a truly private messaging and payment app, and we truly believe we have accomplished this.