# Getting Started with CQRIT

## What This System Does

CQRIT is a client-side post-quantum encryption system that:

- **Encrypts data locally** in your browser using Rust/WebAssembly
- **Uses post-quantum cryptographic primitives** (CRYSTALS-Kyber) to resist quantum attacks
- **Does not store encryption keys** anywhere (not on servers, not on devices)
- **Derives keys from memory** based on your personal knowledge
- **Works offline** with no internet dependency for encryption operations

## Basic Flow

### Step 1: Memory Input
User provides answers to personal questions only they know.

Example: "What was your first pet's name?" → "fluffy"

### Step 2: Key Derivation
Inputs are transformed into a cryptographic key using a Key Derivation Function (KDF).

```
Memory Inputs → KDF → Private Key
```

### Step 3: Local Encryption
Data is encrypted locally in the browser using the derived key.

```
Private Key + Data → Encryption → Encrypted Data
```

### Step 4: Storage
Encrypted data can be stored:
- **Offline:** Unlimited free local storage
- **Cloud:** Optional paid cloud sync (pricing based on number of items)

**Important:** Only encrypted data is stored. Keys are never stored.

## Key Differences from Traditional Encryption

### Traditional Systems
- Keys stored in encrypted vaults
- Keys exist as files on disk
- Server/database breach can expose keys
- Quantum computers can break RSA/ECC

### CQRIT
- Keys never stored (regenerated each use)
- Keys exist only in memory during session
- Server breach cannot expose keys (they're not there)
- Post-quantum algorithms resist quantum attacks

## Use Cases

**Cryptocurrency Holders:**
- Store seed phrases with quantum-safe encryption
- No key files that can be stolen
- Family recovery if you forget

**Families:**
- Share wills, documents, passwords securely
- Recovery mechanisms for Alzheimer's/dementia
- Group access with configurable approval

**Businesses:**
- Protect API keys, credentials, secrets
- Team access with multi-signature approval
- No server-side key exposure

**Privacy-Focused Users:**
- Journalists protecting sources
- Activists avoiding surveillance
- Offline encryption capability

## First Steps

1. **Access CQRIT:** https://app.cqrit.io
2. **Create account:** Anonymous, no personal data required
3. **Set up memory inputs:** Choose personal questions/answers with high entropy
4. **Start encrypting:** Create your first encrypted item
5. **Optional:** Configure social recovery with trusted individuals

## Security Best Practices

✅ **Do:**
- Choose unique, high-entropy memory inputs
- Use social recovery for important data
- Keep browser updated
- Practice good device security

❌ **Don't:**
- Use easily guessable answers
- Share memory inputs with untrusted parties
- Rely solely on memory if you have concerns
- Use compromised devices

## Next Steps

- Read [Architecture](architecture.md) to understand system design
- Read [Cryptography](crypto.md) for technical details
- Read [Key Management](key-management.md) for key handling
- Read [Threat Model](threat-model.md) for security properties

---

**Need Help?** contact@cqrit.io