4.1 Where Things Live
Security in PTERI starts with strict separation of responsibilities.
Every component has a narrow role.
No component is trusted with more than it absolutely needs.
On the User Device
The user device is the only place where authority exists.
It holds:
- Private keys
- Seed phrase
- Biometric enforcement
- Cryptographic signing
These elements never leave the device.
The device is treated as a hard trust boundary.
If the device cannot be compromised, authority cannot be stolen.
On Kakr Infrastructure (Google Cloud)
Kakr infrastructure is verification-only.
It handles:
- Verification APIs
- Blockchain indexing
- Rate limiting
- Observability and monitoring
It does not hold:
- Private keys
- Seed phrases
- Biometrics
- Signing capability
Kakr infrastructure can observe and verify, but it cannot impersonate, recover, or override users.
Kakr never stores secrets.
Not by policy — by design.
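The split described above can be shown in a few lines. This is an added illustration, not PTERI or Kakr code: it assumes Ed25519 signatures and Node's built-in crypto module, and every name in it (createDevice, createVerifier, trySign, the sample message) is hypothetical. The device object signs locally and exports only its public key; the verifier stores public keys only, rejects private key material at registration, and cannot produce a signature from what it holds.

```javascript
// Added illustration, not PTERI or Kakr code. Ed25519 and every name here are assumptions.
const crypto = require('node:crypto');

// User device: the only place a private key exists.
function createDevice() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return {
    exportPublicKey: () => publicKey.export({ type: 'spki', format: 'pem' }),
    // Signing happens locally; callers receive a signature, never the key.
    sign: (message) => crypto.sign(null, Buffer.from(message), privateKey),
  };
}

// Verification-only service: its entire key state is a map of public keys.
function createVerifier() {
  const registry = new Map(); // userId -> PEM-encoded public key
  return {
    register(userId, pem) {
      // createPublicKey() would derive a public key from a private one, so reject it first.
      if (/PRIVATE KEY/.test(pem)) throw new Error('refusing private key material');
      crypto.createPublicKey(pem); // throws if the PEM is not a valid key
      registry.set(userId, pem);
    },
    verify(userId, message, signature) {
      const pem = registry.get(userId);
      if (!pem) return false; // unknown user: nothing to verify against
      return crypto.verify(null, Buffer.from(message), crypto.createPublicKey(pem), signature);
    },
    // Tries to sign with what the service stores; returns false when it cannot.
    trySign(userId, message) {
      try { return !!crypto.sign(null, Buffer.from(message), crypto.createPublicKey(registry.get(userId))); }
      catch { return false; }
    },
  };
}

function demo() {
  const device = createDevice(), verifier = createVerifier();
  verifier.register('alice', device.exportPublicKey());
  const message = 'approve:request:42'; // constructed sample message
  const signature = device.sign(message);
  return {
    valid: verifier.verify('alice', message, signature),
    tampered: verifier.verify('alice', 'approve:request:43', signature),
    unknownUser: verifier.verify('bob', message, signature),
    serverCanSign: verifier.trySign('alice', message),
  };
}
```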
