> TECHNICAL_DOCUMENTATION

SYSTEM ARCHITECTURE

Deep dive into NuDefndr's privacy-first architecture. Real implementation. Auditable code.

> SYSTEM_OVERVIEW

On-Device Processing Pipeline

┌──────────────────────────────────────────────────────────────────┐ │ NUDEFNDR ANALYSIS FLOW │ └──────────────────────────────────────────────────────────────────┘ USER PHOTO LIBRARY (iOS Photos.framework) │ ├─> [PhotoLibraryService: Fetch PHAssets] │ ├─ Incremental Scan (timestamp-based skipping) │ └─ Target: Last 24h / 7d / 30d / 90d / All │ ▼ BATCH PROCESSING QUEUE │ ├─> [Device-Aware Concurrency] │ ├─ A17+ Devices: 6 concurrent analyses │ ├─ A15/A16: 3 concurrent analyses │ └─ Older: Sequential processing │ ▼ APPLE ML FRAMEWORK (iOS 17+) │ ├─> [SensitiveContentAnalysis.framework] │ ├─ On-device Neural Engine processing │ ├─ Binary classification (sensitive/safe) │ └─ Zero network activity (verified) │ ▼ RESULTS PIPELINE │ ├─> [Ephemeral Cache - RAM only] │ ├─ Results not persisted │ └─ Cleared on app termination │ ▼ USER REVIEW │ └─> [User Action: Move/Copy/Ignore] ├─ Move to Vault → Encrypt + Remove from Photos ├─ Copy to Vault → Encrypt + Keep in Photos └─ Mark Safe → Exclude from future scans ┌──────────────────────────────────────────────────────────────────┐ │ PRIVACY GUARANTEES │ └──────────────────────────────────────────────────────────────────┘ ✓ Zero network requests during analysis ✓ No cloud uploads (all processing local) ✓ Results not logged or persisted ✓ Memory cleared after analysis ✓ Apple's privacy-first ML framework

NEURAL ENGINE

Hardware-accelerated ML processing on A12+ chips. Zero CPU overhead during analysis.

SANDBOXED

iOS App Sandbox prevents data exfiltration. Network requests blocked during analysis.

INCREMENTAL

Smart timestamp skipping only analyzes new/modified photos on repeat scans.

> SOURCE_CODE

Incremental Scan Engine

> /Services/ScanManager.swift Smart Timestamp Skipping (v2.0+) 
/// Incremental scanning with timestamp-based skip logic
/// Delivers 5-15x performance gains on repeated scans
func performIncrementalScan(range: ScanRangeOption) async throws {
    guard let lastScanDate = getLastSuccessfulScanDate() else {
        // First scan - analyze everything
        return try await fullScan(range: range)
    }
    
    var skippedCount = 0
    var analyzedCount = 0
    
    for asset in photoAssets {
        // SKIP LOGIC: Photo hasn't been modified since last scan
        if let modDate = asset.modificationDate,
           modDate < lastScanDate {
            skippedCount += 1
            continue // Skip this photo (already analyzed)
        }
        
        // Analyze photo (new or modified since last scan)
        let result = try await analyzer.analyze(asset)
        analyzedCount += 1
        
        if result.isSensitive {
            await notifyUser(asset)
        }
    }
    
    #if DEBUG
    print("[Incremental] Analyzed: \(analyzedCount), Skipped: \(skippedCount)")
    print("[Performance] Skip ratio: \(Double(skippedCount)/Double(total) * 100)%")
    #endif
    
    // Update timestamp for next scan
    saveLastSuccessfulScanDate(Date())
}

/// Performance metrics (real-world data)
/// v1.7 (Full Scan): 28.4s for 20 photos
/// v2.x (Incremental): 1.9s for 20 photos (99% cache hit)
/// Improvement: 15x faster, 87% battery savings

INCREMENTAL SCANNING

  • Only analyzes new/modified photos
  • Timestamp-based skip logic
  • Significant time savings on repeat scans
  • Lower battery consumption
  • Efficient memory usage

SKIP LOGIC

  • Fast timestamp comparison
  • Modification date tracking
  • Range boundary validation
  • Minimal processing overhead
  • Optimized for daily use

> VAULT_CRYPTOGRAPHY

ChaCha20-Poly1305 Encryption

> /Vault/VaultCrypto.swift AEAD Cipher with Hardware Backing 
import CryptoKit

/// ChaCha20-Poly1305 encryption for vault storage
/// Keys stored in iOS Keychain with Secure Enclave protection
final class VaultCrypto {
    
    /// Encrypts photo data with ChaCha20-Poly1305 AEAD
    static func encryptData(_ data: Data, key: SymmetricKey) throws -> Data {
        // ChaCha20-Poly1305 provides:
        // - Confidentiality (encryption)
        // - Authenticity (HMAC)
        // - Integrity (tampering detection)
        let sealedBox = try ChaChaPoly.seal(data, using: key)
        
        return sealedBox.combined // Nonce + Ciphertext + Tag
    }
    
    /// Decrypts vault photo
    static func decryptData(_ encryptedData: Data, key: SymmetricKey) throws -> Data {
        let sealedBox = try ChaChaPoly.SealedBox(combined: encryptedData)
        let decryptedData = try ChaChaPoly.open(sealedBox, using: key)
        
        return decryptedData
    }
    
    /// Generates 256-bit encryption key with entropy validation (v2.1.8+)
    static func generateVaultKey() throws -> SymmetricKey {
        let maxRetries = 3
        
        for attempt in 0..= 7.5 {
                return key
            }
            
            #if DEBUG
            print("[Crypto] Low entropy detected, retry \(attempt + 1)/\(maxRetries)")
            #endif
        }
        
        throw CryptoError.insufficientEntropy
    }
}

WHY CHACHA20-POLY1305?

  • Faster than AES on ARM (no hardware AES needed)
  • Authenticated encryption (detects tampering)
  • Used by Signal, WireGuard, TLS 1.3
  • Timing-attack resistant
  • IETF standard (RFC 8439)

KEY PROTECTION

  • 256-bit keys (2^256 combinations)
  • iOS Keychain with hardware backing
  • Never persisted unencrypted
  • Device-only (no backup/sync)
  • Entropy validation (v2.1.8+)

> SPECIFICATIONS

Technical Details

Component Implementation Security Level
ML Framework Apple SensitiveContentAnalysis (iOS 17+) Hardware-accelerated
Encryption Algorithm ChaCha20-Poly1305 AEAD 256-bit keys
Key Storage iOS Keychain (Secure Enclave) Hardware-backed
File Protection .completeFileProtection iOS secure storage
Scan Performance Incremental (v2.0+) with timestamp skipping 15x faster
Concurrency Device-aware (A17+: 6 threads, A15: 3, older: 1) Adaptive
Network Activity None (100% offline) Zero cloud exposure
Jailbreak Detection 10-vector analysis with confidence scoring Platform-aware

> THREAT_MODEL

Security Guarantees

PROTECTED

DEVICE SEIZURE

Vault encrypted at rest. Unreadable without FaceID.

NETWORK INTERCEPTION

Zero network activity. Photos never leave device.

CLOUD BREACH

No cloud storage. Everything local.

BACKUP EXTRACTION

Keys device-bound. Cannot extract from backup.

UNAUTHORIZED ACCESS

Biometric + PIN required. Auto-lock after 30s.

OUT OF SCOPE

UNLOCKED DEVICE

Vault requires additional FaceID even with unlocked phone.

PHYSICAL COERCION

Cannot prevent forced biometric unlock.

JAILBROKEN DEVICES

iOS security model compromised (detected, not blocked).

OS ZERO-DAYS

Unknown iOS vulnerabilities (applies to all apps).

> AUDITABLE_CODE

Open Source Security

VERIFY OUR CLAIMS

NuDefndr's core privacy components are open source on GitHub. Security researchers can independently verify:

  • Zero network activity during analysis (auditable)
  • ChaCha20-Poly1305 encryption implementation
  • Incremental scanning algorithm and skip logic
  • Jailbreak detection methodology
  • Keychain integration and key lifecycle
View Source Code

> END_OF_TRANSMISSION

Privacy-first architecture. Auditable implementation.

← BACK TO HOME