[ SATOSHI · LTD ] ——— PRIVACY & AI CONSULTANCY · HONG KONG · EST. 2020
client@engagement ~ $ cat brief.txt

Private software.
Private AI. For hire.

A small consultancy from Hong Kong. We design, architect and ship private software and on-device AI for teams that refuse to surveil their users — from threat modeling to production release, with auditable receipts.

UPTIME: 100%
TRACKERS: 0
TELEMETRY: OFF
FREEDOM: ON
[00]
README.md
// a consultancy, not a factory

We partner with teams to build software & AI that respects the humans using it.

Satoshi Ltd. is a senior-only consultancy specialising in privacy engineering and on-device AI. We take on a handful of engagements a year — usually founders, security teams or regulated operators who can’t afford a leak and won’t ship surveillance.

Cryptography, product and engineering in one room. Threat model on day one; working build by week six; open-source reference implementation when the client agrees. We ship three of our own products to prove we eat the dog food.

  • [01]Threat modeling & cryptographic architecture
  • [02]On-device & local-first AI systems
  • [03]Zero-knowledge protocols & secure enclaves
  • [04]Security audits, code review, reproducible builds
[01]
CASE_STUDIES/

Between client engagements we ship our own software. Three products, each a proof-of-concept for the kind of thing we build for hire.

[01] ./PRODUCTS/SPLITPASS

SplitPass.

// High-value secrets, split so no single place can lose them

A device-held vault for passwords, payment cards and BIP39 seed phrases — with a shard-based recovery system so a single compromised device, backup or custodian reveals nothing.

Local-first by construction: the master passphrase never leaves RAM, the vault lives on the device, and backup archives carry no SplitPass branding before decryption. Legacy PIN-era QR payloads still decrypt — upgrades never orphan a user.

  • Passwords, cards, BIP39 seed phrases
  • Argon2id + AES-GCM (opaque v3 envelope)
  • Shard recovery via QR & NFC
  • Companion browser extension
[02] ./PRODUCTS/CLONARA

Clonara.

// A living Persona, grown from your memories

A mobile Persona seeded by six questions and grown with the memories you choose to feed it. Share access only by revocable invite — no public profile, no scraping.

Capture memories as text, dictation or journals. Each chat is grounded in a slice of what you actually told it — so the replies sound like you, not like a stranger with your haircut. iOS, Android, 15 locales, RevenueCat billing.

  • Six-question Persona seed (tone · warmth · voice)
  • Memories as ground-truth, attached to every reply
  • Per-recipient invite tokens, revocable in one tap
  • 15 locales incl. RTL · offline-aware client
[03] ./PRODUCTS/MONEY

Money.

// A ledger that never phones home

Local-first personal finance. AsyncStorage is the database, JSON files are the backup, and the insights engine runs on device — no bank linking, no scraping, no telemetry.

Multi-currency accounts, scheduled transactions, and an on-device insights engine (trends, pace, anomalies). Three opt-in network paths total: FX rates, RevenueCat, optional lead email. Everything else stays on the phone.

  • AsyncStorage-only persistence
  • Scheduled txs · 90-day sync window
  • On-device insights · no spinners
  • JSON backups the user owns
[02]
PRINCIPLES.CONF
01 / 06

Privacy by Design

Privacy isn’t a feature. It’s the foundation — everything else is built on top.

02 / 06

User Sovereignty

You own your data, your device, and your decisions. We just make the tools.

03 / 06

Security First

Threat-modeled from commit zero. No surveillance disguised as telemetry.

04 / 06

Open Source

Auditable code. Reproducible builds. Trust, but verify.

05 / 06

Zero Knowledge

What we don’t know can’t be subpoenaed, leaked, or sold.

06 / 06

Digital Sovereignty

Technology should liberate, not enslave. Tools for independence, not extraction.

[03]
ENGAGE/
// now accepting q3 engagements

Have a brief?
Let’s scope it.

Free 30-minute intro. NDAs on request. PGP welcome.
DISCOVERY · 1 week
threat model, scope, estimate
DELIVERY · 6–12 weeks
architecture, build, audit, ship
RETAINER · ongoing
on-call crypto & security reviews