lossless_protocols

loss·less /ˈlôsləs/ adj. audio engineering. Of compression: removing nothing. No quality stripped, no data discarded. The original, preserved exactly.

Software that returns you exactly as you arrived.

Audio engineers prove two recordings are identical with a null test: invert one, sum them together. If the result is silence, nothing was lost. This is that test, run on you, before and after using our software.

Silence. Nothing taken. Nothing lost. The signal is drawn as steps because that's how lossless audio actually stores you: discrete samples, held exactly. And the two traces above are literally the same SVG path, reused. View source. Identical by construction is the only kind of identical we build.

Now scroll, and run the same test on everything already installed on your phone.

Signal path · Everyone else

Run the same test on the software you already use.

Modern software is built on extraction. You give something (data, attention, behavioral patterns), and the company monetizes what it takes. The trade is so normalized that most people no longer notice it happening.

The tap Your data flows through an app to the service you wanted, while a hidden red branch carries it somewhere you never agreed to. you the app the service you wanted somewhere you never agreed to

the tap. it's in the architecture, not the marketing.

None of these are accidents, and none are bugs. Extraction is a system, and systems have a start date.

Incident log · 1976–2024

None of this was inevitable. It has a history.

“Everything lives in the cloud” feels like a law of nature. It isn’t. It was built, decision by decision, over five decades, and each decision has a date, a name, and a paper trail. The abbreviated log:

The industry position

They say this is necessary. That useful software requires collecting data. That privacy and functionality are a tradeoff.

That is a lie. It is an architecture choice, not a law of physics.

You can build an expense tracker that never sees your expenses. You can build location sharing where the server cannot read the locations. The question was never can you. It was will you, because extraction is more profitable, easier to build, and already dominant.

Lossless Protocols is the answer to “will you?”

The lossless principle

The system must be architecturally incapable of accessing your data.

Not “we choose not to.” Not “our privacy policy says we won’t.” Not “we encrypt it and promise not to look.” The server cannot decrypt what it relays. The database cannot read what it stores. The company cannot extract what it never receives.

This is the difference between a policy and a protocol.

A policy fails by

  • a board vote
  • a new CEO
  • an acquisition
  • a government request

Policies are promises.

A protocol fails by

  • rewriting the system from scratch

Protocols are structure.

A principle is cheap until it's written down as requirements someone can hold you to. Here are ours.

Lossless protocol · Core requirements

Every product is built to specification. This one.

  1. Architecture

    Privacy is the architecture, not a feature. The system MUST be structurally blind to user content. If a feature requires the company to see user data, the feature is redesigned or cut. There is no exception process.

  2. Verification

    Users MUST NOT be required to trust the developer. Every claim MUST be verifiable: open-source code, published whitepapers, third-party audits. The architecture is the proof. If the principle were ever broken, the evidence would be public and permanent.

  3. No extraction

    Revenue MUST NOT derive from user data, attention, or behavior. Products are sustained by direct value exchange: free core utility, paid extended features, one-time purchases, community support. If a business model requires extraction, it is not a Lossless product.

  4. Disclosure

    No system is perfectly private. The irreducible exposure, the noise floor, MUST be disclosed in plain language before the user commits. Radical honesty about the residue is part of the protocol.

  5. Scope

    The protocol applies domain by domain (finance, location, health, communication, identity), wherever data exploitation does the most harm. Each domain gets its own product, built for that domain’s specific privacy problem, under the same principle.

The key words MUST and MUST NOT are used as in RFC 2119, because “Protocols” in our name is not a metaphor.

Specifications are promises too, until something ships against them and passes.

Product line · The principle, proven per domain

Not a catalog. Evidence.

One theorem, you = you, proven domain by domain, wherever the industry claims it can't be done.

LP-01 · zero: expense tracker ● Published · Open source

Finance tracking with zero servers, zero accounts, zero data collection. Everything stays on your phone. The first proof that the lossless principle works.

zero: signal path Your expenses flow into your phone, loop inside it, and the signal path terminates there. No path off the device exists. your expenses your phone terminated no path off the device exists

the signal path ends on your phone. there is no wire to tap.

servers 0accounts 0data collected 0get: Play Storeget: App Storeverify: source code
Passes R1R2R3R4
LP-02 · locate: location sharing ◌ In development · Arriving Sept 2026

The second proof, applied to a harder problem: family location sharing that requires a server, so the server is built blind. End-to-end encrypted. The relay forwards packets it cannot read.

locate: signal path Your phone encrypts your location, sends ciphertext through a blind relay that cannot decrypt it, and your family's phone decrypts it. Plaintext never leaves your devices. ciphertext ciphertext your phone encrypts blind relay cannot decrypt family's phone decrypts plaintext never leaves this phone stores ciphertext, reads nothing keys exist only on your devices

what we store: ciphertext. what we can read: nothing.

encryption end-to-endrelay visibility 0get: Play Store · at launchget: App Store · at launchverify: whitepaper at launch
Passes R1R2 pendingR3R4

LP-03 … unallocated. Health, communication, identity: one domain at a time, each proving the extractive model was a choice, not a necessity.

Every proof above has limits. Most companies wait for journalists to find them. We publish ours.

Disclosure · Requirement R4

The noise floor.

In audio, even silence has a noise floor, a residue no equipment can remove. Privacy has one too. Companies that claim total privacy are lying to you the same way companies that claim extraction is necessary are. Here is ours, in plain language.

The noise floor A silent signal line sits almost flat, with a tiny irreducible ripple that no equipment can remove. “silence,” measured the noise floor: what remains

even silence, measured closely, has a floor. honest systems say where theirs is.

What we cannot see (by architecture)

  • Your expenses, budgets, and financial patterns
  • Your location, routes, and movement history
  • The content of anything our systems relay or store
  • Who you are: no accounts, no identity graph

What we cannot protect (the residue)

  • Network metadata your internet provider can see that your device connected to a relay, not what was said
  • App store install records Google and Apple know you downloaded the app
  • A compromised device if your phone itself is compromised, no app architecture can save you

Limits published. Now the last question a careful reader asks: what stops this company from becoming the thing it replaced?

Entity · Why the principle can’t be voted out

A protocol is only as permanent as the structure holding it.

Most privacy companies die by acquisition: the principle survives until someone buys the company that made the promise. Lossless Protocols is structured so there is no one to make that deal with.

Entity
Registered sole proprietorship, India
Developer
Indranil Bhuin (full-stack developer, cybersecurity background)
Venture capital
0
Investors
0
Board
none. No vote can overturn the principle
Exit strategy
none. No acquirer can rewrite it
Revenue
Products. Not data. Ever.

I build these tools alone. That's not a limitation I apologize for: it's the guarantee. There is no growth team pressuring me to add analytics, no investor asking why we aren't monetizing the data, no acquirer waiting to inherit your trust and spend it. There is one person, a principle, and code you can read. If I ever break the principle, the code will show it, and I will have broken it in public, permanently.

Indranil Bhuin, developer, Lossless Protocols

Verification · Starting with this page

Don’t trust this page either.

Requirement R2 says you should never have to take our word for anything. That includes marketing. So audit the marketing:

THIS PAGE  ·  files 1  scripts 0  cookies 0  trackers 0  external requests 0  fonts yours (system)
Press F12, open the network tab, reload. Count the requests leaving your machine to anyone but us: zero. There’s no cookie banner because there’s nothing to consent to. We don’t know you visited, and we built it that way on purpose. Then press Ctrl+U; the first thing in the source is a note addressed to you.