Open standard for audit, verification and document transfer. Quantum-resistant cryptography. Compliant with European and Croatian regulations. No vendor lock-in, no monthly fees for end users.
Complete infrastructure consists of eleven independent modules. Each is designed according to the single responsibility principle, documented in standardized format, and can be used, replaced or upgraded independently.
Chain ledger. Append-only Merkle structure. Each modification receives a permanent timestamp and cryptographic signature. Records cannot be retroactively altered.
Permanent document identifier. Hash function with deterministically generated 64-character ID. Same content always produces the same ID — no central registrar required.
Immutable blocks linked in a chain. Each block references the previous block's hash. Modifying any older block invalidates all subsequent blocks — proof of integrity over time.
Nine layers of document protection (L0–L8). Combines symmetric encryption, asymmetric signatures, MACs and temporal witnesses. Resilient to compromise of individual layers.
Quantum-resistant signing. Uses NIST FIPS 204 (ML-DSA-65) and ML-KEM (Kyber-1024) standards. Resistant to quantum computing attacks projected for the next decade.
P2P synchronization between nodes. Pull-based protocol — nodes pull changes from each other. No central server. Network survives individual node failures.
Structured document format (.dokarh + .dok.json). Contains content, metadata, signatures and references in a single file. Compatible with ZUGFeRD/Factur-X standard for PDF/A-3.
Documents know their state: pending → issued → sealed → expired. Automatic events on state transitions. Traceability of every change in Krunica.
Ed25519 keypair in browser or device TEE. No passwords. Recovery through nine independent layers (FLUID): password, email, QR print, Shamir mesh, biometrics.
Chrome extension + desktop application + Android. One identity, any website. Detection of login fields, automatic challenge signing, token injection.
Printed bearer vouchers with QR and chain record. Denominations 0.50 € – 500 €. Consolidated invoice on redemption — compliant with EU Voucher Directive 2016/1065. No transaction fees.
Combination of standardized cryptographic primitives with an open, self-evident document format. Design based on three principles: simplicity, traceability, resilience to future technological shifts.
Complete specification available under CC0 license. Implementation in public repository. Any partner can build compatible client or server.
Format aligned with Croatian fiscalization rules, civil code (čl. 36 ZOO), VAT law (čl. 84 ZPDV) and EU directives on vouchers (2016/1065) and electronic identification (eIDAS 910/2014).
Value transfer between users is not taxed at infrastructure level. Fees exist only at boundaries (deposit / cash withdrawal through partner institutions).
All signatures use post-quantum algorithms per NIST standards (FIPS 204 ML-DSA, FIPS 203 ML-KEM). System is not vulnerable to "store now, decrypt later" attacks.
Every state change, every document access, every signature — recorded in immutable chain. Authorized auditor can reconstruct complete document history.
Bršljan protocol ensures no single node is a critical point. Users can access documents through any network node if primary is unavailable.
System is designed as a tool that augments existing legal infrastructure, not circumvents it. All operations leave an irrefutable trail, all identification obligations are satisfied at boundaries, all tax events are properly fiscalized.
Multi-purpose voucher classification — VAT is calculated at redemption, not at transfer. Compliant with EU framework across all member states.
Electronic signatures compliant with eIDAS 910/2014 (qualified level). MiCA crypto framework does not apply (system does not issue crypto-assets). GDPR audit trail through Krunica chain.
Gutschein as Schuldverhältnis (BGB §§ 793 ff). Identification above €10,000 per GwG (Geldwäschegesetz). Document format readable as ZUGFeRD when ingested into Mittelstand ERP systems.
Customer identification mandatory above €9,999/month (light KYC) and €15,000 (full KYC + UKPN report). Thresholds aligned with European and Croatian AML/CTF framework.
BunkerSeal BPZ-9, Bršljan network replication, continuous integrity monitoring (Folija). Incident procedures per NIS2 art. 21.
Defensive strategy — no patent applications filed. Instead, all innovations have public cryptographic prior art entry in Krunica chain (Croatian Patent Law art. 6-7 — inventor priority right).
Nine independent layers of document protection (BunkerSeal BPZ-9). Identity based on private keys that never leave the device. Identification at system boundaries (deposit, withdrawal) through partner institutions with existing KYC procedures.
REST API, open format specification, SDK libraries for common languages. Client or partner system can integrate via HTTP API or local library — without proprietary protocol.
OpenAPI 3.1 documentation available at /docs. Endpoints for upload, verify, audit, retention, export, search, integrity.
Python package on PyPI (fenix-folija). JavaScript SDK for browser. Rust crate for desktop. Flutter package for Android.
OpenDOK-2026 specification under CC0 license. Detailed description of .dokarh bundle, .dok.json meta-structure, WeisE3 derivation, BunkerSeal composition.
Any document can be verified through public endpoint /v/{weise3_id}. Returns HTML page with status, content and audit trail — without login.
Endpoint /view/{weise3_id} renders "human view" of any document: PDF embed, QR code, content, Krunica info, optional Genesis Login for restricted documents.
Partner systems can subscribe to events (issued, transferred, spent, sealed). HMAC-SHA256 signed messages. Retry with exponential backoff.
For legal, technical or business inquiries — access through Genesis Login (Ed25519 identity), consultation with AI assistant ARK Concierge (embedded in all facades), or direct communication via partner institutions (Konjik d.o.o., audit networks).