Security Overview
Quira is designed from the ground up with security as a first-class concern. But Quira goes further than any existing browser: it introduces Context Security — a new security discipline that protects your accumulated knowledge structure, not just your network connection.
Context Security: a new paradigm
Every major browser — Chrome, Firefox, Brave — focuses on protecting users from the web via sandboxing, site isolation, and content security policies. None of them protect the user's own accumulated knowledge with the same rigor.
Quira's Context Graph is an automatically constructed personal knowledge graph — a structured map of your intellectual activity. This is an entirely new category of sensitive data that no existing browser security model protects. Context Security is the discipline of protecting personal knowledge structures.
Why this matters
The Context Graph holds AI summaries, entity extractions, semantic embeddings, browsing patterns, and temporal research paths. This is categorically more sensitive than browsing history — it is a machine-readable map of your thinking.
Compositional sensitivity
Individual page visits are low-sensitivity data. But when accumulated in the Context Graph — combined with AI summaries, extracted entities, and temporal patterns — they become one of the most sensitive personal datasets possible. This is the same principle by which individual mobile location pings are harmless, but aggregated location history becomes complete surveillance.
Eight security paradigms
Quira's security architecture is built on eight interlocking paradigms. Each is independently valuable; together they form a living, adaptive, cryptographically-grounded defense system.
| # | Paradigm | Core idea | Details |
|---|---|---|---|
| 1 | Capability-Based Security | Unforgeable tokens replace identity-based access. No ambient authority. | Permission System |
| 2 | Information Flow Control | Track where data flows, not just who can access it. Labels are monotonic. | Permission System |
| 3 | AI Immune System | Behavioral baselining and anomaly detection. The AI defends itself. | Threat Protection |
| 4 | Temporal Security | Permissions decay. Sessions are time-locked. Dead man's switch. | Privacy Architecture |
| 5 | Adversarial ML Defense | Multi-layer defense against web content manipulating browser AI. | Threat Protection |
| 6 | Cryptographic Innovation | Forward secrecy at rest, threshold encryption, verifiable deletion, ZKP. | Privacy Architecture |
| 7 | Hardware Co-Design | TEE for AI inference, memory encryption, per-tab decryption. | Privacy Architecture |
| 8 | Living Security | Security Health Score, continuous adaptation, not static configuration. | Threat Protection |
Beyond these eight paradigms, Quira introduces 26 novel security structures — from macOS deep-architecture concepts (8 structures including CSEB, KPC, CTA) to emergent interaction structures (8 structures including KSCI, IRD, RSIP, CAV). See each page for formal models and implementation details.
Defense in depth
Quira implements a defense-in-depth strategy inspired by macOS's multilayered security model. Rather than relying on a single boundary, multiple independent layers ensure that a breach in one does not compromise the whole system.
| macOS | Quira equivalent | Difference from existing browsers |
|---|---|---|
| Gatekeeper | Cryptographic extension verification before install | Chrome reviews after publish; Quira verifies before execution |
| TCC | Context TCC — granular per-permission consent for graph access | World first: no browser has knowledge graph access control |
| SIP | Context Graph immutability protection | No browser guarantees browsing data integrity |
| App Sandbox | Space-Scoped Security — Context Spaces are security boundaries | World first: tab groups as security boundaries |
| Keychain | Encrypted embedding vault with independent encryption | World first: encrypted browsing data at rest |
| Lockdown Mode | Context Lockdown — JIT disabled, panic wipe, RAM-only mode | World first: extreme privacy mode for journalists/activists |
Security layers
| Layer | Component | What it protects |
|---|---|---|
| L1 — Network | Network Firewall | Malicious connections, DNS filtering, TLS enforcement |
| L2 — Content | Content Filtering | Trackers, ads, fingerprinting scripts, cryptominers |
| L3 — Threats | Threat Protection | Phishing, malware, AI immune system, adversarial ML defense |
| L4 — Permissions | Permission System | Capability tokens, Context TCC, IFC labels, Space isolation |
| L5 — Privacy | Privacy Architecture | Encryption at rest, temporal security, hardware integration |
| L6 — Infrastructure | Advanced Architecture | KPC classification, CSEB event bus, KQR relay, CTA trust arbiter, ASP posture |
| L7 — Emergent | Emergent Security | KSCI supply chain, IRD inference residue, SBRC blast radius, TCV causality, CAV amnesia |
Competitive comparison
| Feature | Chrome | Firefox | Brave | Tor | Quira |
|---|---|---|---|---|---|
| Site isolation | Yes | Yes | Yes | Yes | Yes (Gecko Fission) |
| Extension sandbox | Basic | Basic | Basic | Restricted | Capability-based TCC |
| History encryption | No | No | No | RAM only | SQLCipher + embedding encryption |
| AI threat defense | No | No | No | N/A | 4-layer prompt injection defense |
| Knowledge exfiltration detection | No | No | No | No | Context DLP |
| Lockdown mode | No | No | No | Partial | Context Lockdown |
| Compositional sensitivity | No | No | No | No | Yes — world first |
Implementation roadmap
Unified roadmap across core security, advanced architecture, and emergent security structures.
| Phase | Core Security | Advanced Architecture | Emergent Security | Timeline |
|---|---|---|---|---|
| Phase 1 (MVP) | SQLCipher, extension entitlements, content sanitization, domain exclusion | KPC (protection classes), CSEB (event bus), CTA (trust arbiter) | KSCI (supply chain integrity), TCV (temporal causality) | Q3 2026 |
| Phase 2 (Pro) | Context TCC, Space boundaries, embedding encryption, differential privacy | PSCS (privilege separation), SKV (sealed volumes), ASP (adaptive posture) | IRD (inference residue defense), SBRC (blast radius containment) | Q4 2026 |
| Phase 3 (Enterprise) | TEE integration, Context Lockdown, exfiltration detection, PQC | KQR (query relay), DSPL (policy language) | AGTR (graph topology resistance), CSELP (entropy leakage prevention) | 2027 |
| Phase 4 (Standard) | Context Security Framework — W3C/IETF standardization proposal | Full integration + formal verification | RSIP (retroactive sanitization), CAV (amnesia verification) | 2027+ |