SpaceBox Ground Coming soon · not yet available

Sharing, transfer, and recovery.

SpaceBox Ground is not yet available. It is the full SpaceBox release. It includes everything in SpaceBox Lite today, built on the same post-quantum crypto, and adds the capabilities Lite does not yet have: two-way per-recipient sharing, ownership transfer, a dead-man's-switch for digital inheritance, and a 24-word recovery phrase. Run it as managed Cloud, or as a hardware appliance you own and keep off-grid.

SpaceBox Ground features. Light years beyond SpaceBox Lite.

Ground keeps everything in SpaceBox Lite unchanged (on-device ML-KEM-768 + AES-256-GCM, non-custodial keys, passwordless login) and adds five capabilities on the same foundation. Scroll to follow each one.

Feature 01 · sharing

Grant to a name. Revoke per person.

Sharing is not a public link. Each recipient gets a new encrypted entry sealed to their key. Add or remove any individual at any time, without re-encrypting the file for everyone else.

acl-add · acl-remove · share-request
Feature 02 · transfer

Hand over ownership, not just a copy.

Transfer a file, and its custody, to another user. They accept the request; from then on it is theirs, decryptable only with their key, and your access ends.

transfer · transfer-request
Feature 03 · continuity

Access that survives your absence.

Arm a dead-man's-switch. If you stay silent past a window you set, a pre-authorised successor inherits access automatically. Inheritance for records that would otherwise be lost.

deadman-arm
Feature 04 · recovery

Rebuild your key from 24 words.

A standard BIP39 phrase reconstructs your private key offline, on any device. Lose your laptop and you still have your data. There is no reset email and no support back door.

BIP39 · AES-256 backup · no back door
Feature 05 · deploy

Cloud, or air-gapped hardware.

The same software runs as managed Cloud or as a hardware appliance you own and keep off-grid. The keys and access rules are identical; you choose where the vault physically lives.

SaaS · on-premise appliance
spacebox · share
$ spacebox acl-add contract.pdf --to janine [client] Sealing file key to janine's ML-KEM-768 public key… [client] New SBXB entry written · 1184 B ✓ janine can now decrypt contract.pdf $ spacebox acl-remove contract.pdf --user janine ✓ entry removed · access revoked
matter-04.pdf
owned by you
↓ transfer-request · they accept
New owner
decryptable only with their key
Owner
You
custody relinquished
No access
Ownership moves once. No shared copy is left behind.
You · active
last check-in today
silence window · 90 days
No check-in
the timer runs down
↓ window elapses
Successor gains access
pre-authorised · automatic
Released
You set the window, and can reset the timer any time.
Your recovery phrase
01 · orbit02 · cipher03 · vault 04 · ground05 · signal06 · kepler 07 · quantum08 · ledger09 · ···

24 words → 256 bits of entropy → your private key. Written once, kept offline, known only to you.

Same software
identical keys & access rules
↓ you choose where it lives
Cloud
managed on i46 EU infra · ciphertext only
Hosted
Hardware
air-gapped appliance you own
On-prem
Move between them without changing how encryption works.
i.

Zero-knowledge

Encryption happens on your device. The server stores ciphertext and metadata only; it never holds a key that could open it.

ii.

Post-quantum

ML-KEM-768 key exchange with AES-256-GCM bodies, resistant to harvest-now-decrypt-later attacks.

iii.

Non-custodial

Your private key lives in your local keystore and is recoverable only from your 24-word phrase. No back door, no reset.

Key encapsulationML-KEM-768. NIST FIPS 203 (Kyber), via liboqs. 1184 B public key, 1088 B ciphertext.
Content encryptionAES-256-GCM via CryptoKit. 256-bit key, 96-bit nonce, 128-bit auth tag.
Bundle formatSBXB. One independent AES-GCM entry per recipient; the key is wrapped under each recipient's ML-KEM public key.
AuthenticationKEM challenge–response. The server encapsulates to your public key; you decapsulate to prove identity. No passwords.
Recovery phraseBIP39 24-word mnemonic → PBKDF2-HMAC-SHA512 seed → AES-256-GCM wrap of the private key. Rebuilds your key on any device, offline.
Key custodyLocal only. Private key stored on-device; never transmitted to i46.
Air-gapped hardwareOn-premise appliance. The same platform runs off-grid with no conventional network interface; ciphertext and custody stay in your building.
TransportTLS to spacebox.i46.cz; the payload is already end-to-end encrypted beneath it.

Implementation reference · SpaceBox client (macOS) ↗

In build

SpaceBox Ground is coming.

The full vault (sharing, transfer, inheritance and 24-word recovery, as Cloud or Hardware) is in build. Leave your details and we will notify you when it is available. Pricing is on the pricing page.