What AION sees. What attempting to demand triggers.

The AION server stores the ciphertext of each vault, the Shamir threshold parameters as numbers (not the shards), the routing table that says which sovereign holds which shard index, and the audit-log chain. Nothing in this set, alone or in combination, is sufficient to recover the plaintext.

• The plaintext of any vault.
• The 256-bit AES key that encrypts a vault.
• A combination of shards sufficient to reconstruct a key. The seven sovereign holdings each receive one shard; AION never aggregates them.
• The memory answer, in any form, for any vault.
• Any biometric template. Biometric matches are computed on the user’s device and proved with zero-knowledge attestations.
• The trustee private signing keys.

The line above is not a privacy promise. It is a property of the architecture, asserted by tests, and verifiable by anyone with the source. The Playwright suite for /seal/memory and /unseal/memory opens DevTools Network and asserts that no request body or query parameter carries the plaintext or the memory answer. If a code change ever broke this invariant, the test would fail before merge.

In legal terms relevant to GDPR Article 25, this is privacy by design and by default, asserted at the protocol layer rather than at the operator layer. In Schrems II terms, the ciphertext is meaningless to a non-EU recipient because the key is mathematically inaccessible to AION; no supplementary-measure analysis applies, because no measure an operator could take or fail to take changes the outcome.

AION publishes a warrant canary signed monthly by the AION maintainer of record — today under a 1-of-1 signing schema, threshold-signed under a published m-of-n rule when the protocol grows. Each line of the canary names a specific surveillance instrument — National Security Letters under 18 U.S.C. § 2709, Technical Capability Notices under the UK Investigatory Powers Act 2016, Assistance and Access notices under Australia’s 2018 Act, Article 28 directives under the People’s Republic of China Cybersecurity Law (2017), Russian Federal Law No. 374-FZ encryption-key directives, CLOUD Act warrants under 18 U.S.C. §§ 2701–2713, European Production Orders under Regulation (EU) 2023/1543, and Chat Control directives under Regulation Proposal 2022/0155 — and asserts that AION has not received it.

When a line vanishes, the law has spoken. AION does not need to break a gag, and the reader does not need to wait for a way around the gag. Silence and absence are the message. Every prior canary is preserved in the source repository, so the diff itself is the legal record.

The convergence doctrine forbids backdoors. The Charter operationalizes that prohibition with a structural consequence: receipt by an AION sovereign holder of a binding compelled-decryption order, Technical Capability Notice, or analogous directive triggers an automatic, irrevocable sunset of that holding within thirty days. The shard stored in that jurisdiction is removed from the active 4-of-7 reconstruction grid. The remaining six sovereigns continue. Existing vaults are mathematically unaffected — the threshold tolerates the loss of three.

The effect is that no order can produce decryption. Every order can produce only the orderer’s own removal from the grid. The lawful response of AION to a Technical Capability Notice is therefore not refusal — refusal can draw contempt — but compliance with the only request the architecture can satisfy: the request that this jurisdiction cease to be a custodian. The maintainer of record publishes the fact of sunset, identifies the jurisdiction, and the next canary reflects the change. The order achieves a public record of its own demand, no decryption, and a sovereign-prestige cost that compounds with each subsequent jurisdiction that attempts the same.

AION’s posture is not theoretical. It is shaped by a public record:

• Apple Inc. v. FBI (2016).The United States sought a court order compelling Apple to write custom software to bypass the security of an iPhone. Apple refused on First Amendment and undue burden grounds. The matter was withdrawn before final adjudication. AION takes Apple’s legal posture as a baseline and adds an architectural layer: AION cannot write the equivalent software because the seven holdings each operate independently and AION’s codebase is open.
• UK Investigatory Powers Act 2016, Sections 253–254.Technical Capability Notices and the associated gag obligations were used in 2024–2025 against Apple’s Advanced Data Protection feature, prompting Apple to withdraw the feature from UK users. AION’s Sunset on Notice prevents that outcome: a TCN does not prompt a feature withdrawal, it prompts the holding’s withdrawal from AION. The user’s vault is unaffected.
• EU Chat Control (Regulation Proposal 2022/0155).The European Commission’s proposal would mandate client-side scanning of encrypted communications under a child-protection rationale. AION treats client-side scanning as a backdoor by another name and refuses it on the same Charter grounds. The cryptographic primitives and the seal/unseal flows do not call any scanning subsystem.
• Pavel Durov / Telegram (France, August 2024). Pre-trial detention of a platform founder for alleged insufficient cooperation with state requests. AION’s protocol structure ensures that the maintainer of record holds no decryption capability and no authority to amend the convergence requirements. Coercing the maintainer produces nothing of value to coerce for; the Cessation Protocol allows the protocol to continue under a successor maintainer in any jurisdiction.
• Australia Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018. Authorizes Technical Assistance Notices and Technical Capability Notices. AION’s Australian holding (none is currently designated) would be subject to the same Sunset on Notice rule as any other jurisdiction.
• People’s Republic of China Cybersecurity Law (2017), Article 28. Network operators must provide technical support for state security investigations. AION does not operate under PRC jurisdiction and does not designate a PRC holding. The architecture treats this regime as out-of-scope.
• Russian Federal Law No. 374-FZ (the “Yarovaya Law,” 2016). Requires disclosure of encryption keys on demand. AION cannot disclose keys it does not hold. A Russian holding would be subject to Sunset on Notice on first directive.
• US CLOUD Act (2018), 18 U.S.C. §§ 2701–2713. Extraterritorial reach over data held by US-headquartered providers. AION is operated as a protocol with no US-headquartered doctrine-controlling entity. Where a US holding exists, it holds only one shard insufficient to reconstruct any vault.

Each of these precedents is a public record. AION’s response to each is also a public record — written here, in the Charter, and in the cryptographic source code. None of this requires belief. It requires reading.

• Aggregate sealing counts, never individual signals. A grandmother in Ohio matters as much as a billionaire; neither is named here.
• Government data requests received, broken down by jurisdiction and by what was technically possible to provide. The lawful answer to most of these is “we cannot.”
• A No-Override Channels attestation, signed annually by the AION maintainer of record (or, as the protocol grows, under the threshold-signing schema then in force), asserting that no internal channel exists to read user vaults.
• The signed cryptographic audit reports, when they land. Findings will not be redacted.
• Every breach, in 72 hours, with scope and remediation. The presumption is disclosure; the exception is silence.
• Every Sunset on Notice event, with the jurisdiction named and the directive type identified to the extent the gag permits; where it does not permit, the canary records the event by its absence.

AION will not build a recovery service that requires AION to access your data. AION will not build a backdoor for any government, including the United States, the United Kingdom, the European Union, or any party to a treaty a future Foundation may sign. The convergence doctrine forbids it: a backdoor is an additional way for one actor to break the lock, which means the lock no longer requires breaking seven realities at once.

AION will not adopt the “supplementary measures” fig leaf used by some operators after Schrems II to claim Privacy-Shield-equivalent protection while retaining the operational ability to comply with surveillance demands. The supplementary measure is the architecture itself, and it is non-negotiable.

If a court of any jurisdiction issues an order AION cannot lawfully refuse, AION publishes the order, sunsets the affected sovereign holding, and continues. The vaults outlive the order.