Five-hand custody chain — officer, lab, prosecution, defense, court — sealed at collection. Brady disclosure enforced by hash chain, not by prosecution's discretion.
A detective collects a blood sample at a crime scene. At the moment of collection, the item is hashed and the hash is sealed into an ABT-L envelope, signed by the collecting officer's key. That hash is the chain's origin.
The sample moves to the lab. The lab analyst adds the next link: analysis results hash, analyst's key, chain extension. Prosecution receives the chain. Defense receives it too — automatically, as a structural property of the chain, because Brady disclosure is embedded in the protocol, not left to the prosecutor's discretion.
If any link in the chain is missing, the gap is visible. If any link was altered after signing, the hash breaks. A complete, unbroken chain is a proof of custody that can be presented to the court with mathematical certainty.
Criminal evidence chain of custody, civil discovery document trails, regulatory enforcement seizure records, customs and border protection seizures — anywhere a provable, unbroken custody record is required for legal proceedings.
ABT-L uses Ed25519 digital signatures for authentication of every event at every party. Per-event symmetric keys are derived via HKDF with the event identifier as salt and held in hardware-backed secure storage (Apple iOS Keychain, Android Keystore, or equivalent platform secure-storage). Envelope encryption is performed at the first-party endpoint before any ciphertext leaves the device or origin. Each tier authority’s ciphertext contains only that tier’s authored projection — information not relevant to a tier authority is authored out before encryption, not redacted after. The registry maintains a hash-chained log where each entry’s hash includes the prior entry’s hash, providing tamper-evident integrity across the chain. Forward-only tier activation: registration of a new tier authority causes inclusion of an active tier layer in subsequent envelopes only. Existing envelopes are not retroactively modified. Cryptographic boundary at the first party. Plaintext never moves. Per-tier projection authored at envelope construction. Registry-routed restoration requires structural participation by all three parties.
Cryptography researchers studying envelope encryption, tier-bounded ciphertext, deterministic key derivation, and signed receipt chains in legal evidence custody and chain-of-custody.
Privacy researchers studying architectural privacy enforcement, unlinkability, purpose limitation, retention through cessation, and consumer-controlled key custody.
Consumer protection advocates seeking architectural alternatives to policy-based privacy enforcement. Cryptographic structural enforcement, not vendor trust.
Policy researchers examining cryptographic enforcement of storage limitation (GDPR Article 5(1)(e)), data minimization (GDPR Article 5(1)(c)), and consumer protection requirements.
Forensic and legal evidence researchers studying chain of custody, evidence integrity, tamper-evident custody transition records, role-scoped access for police, prosecution, defense, lab, and court, and cryptographic alternatives to policy-based evidence handling.
