White papers.
Five short technical papers for researchers, journalists, and anyone curious enough to dig in. Each runs 3 to 8 pages. They're HTML here; PDF and signed PDF come with v1.0.
WP-01 — Threat Model
Three tiers of adversary: local passive, local active, network-level. What Lattice defends against, with citations to the specific defences, and what it doesn't, stated plainly. The out-of-scope section covers rooted devices, supply-chain attacks, and global passive observation with traffic confirmation.
~8 pages. If you only read one, read this one.
WP-02 — The Invite Protocol
The cryptographic mechanic of Lattice Invites: ephemeral X25519, the deterministic four-word verification phrase, the two-channel principle, and the trust ladder. Includes the entropy maths behind the four-word claim and the threat model for the invite flow specifically (what does compromise of WhatsApp mean? of a phone call? of both?).
~5 pages.
WP-03 — Dormancy Design
The four-state lifecycle (Active / Standby / Dormant / Hibernating). How Lattice can be installed for 18 months without use and still wake correctly. Wake conditions. Empirical battery measurements per state.
~4 pages.
WP-04 — Density and Crowd Behaviour
Cluster-bounded neighbour selection, geographic routing hints, and Wi-Fi Aware promotion in dense environments, worked through three reference environments (supermarket, airport, Glastonbury festival). Simulator results give the delivery ratio and latency distribution for each.
~6 pages.
WP-05 — What Lattice Doesn't Do
An explicit list of limits, each one explained: it's density-dependent and range-limited, iOS background notifications aren't fully reliable, endpoint compromise wins, global passive observation is possible, and a lost seed means a lost identity. The most unusual paper, and maybe the most important for trust.
~3 pages. Read this before you commit to using Lattice.
Format and tooling.
- Source: Markdown in
docs/papers/(in the source repo, published with v1.0). - HTML rendered statically here; PDF + signed PDF land with v1.0.
- License: CC-BY-4.0 for the prose. Reuse with attribution.
- Signatures: every paper signed with the project's Ed25519 release key. Public key fingerprint published once generated.
What we don't publish.
Marketing material dressed up as research, "Lattice for [vertical]" papers, anything that overstates what the app can do, and anything we can't defend technically. A bad white paper does more harm than no white paper at all.