JC Laboratories
JC Labs R&D · jclabs.tech
By security professionals, for security professionals. Your privacy in your hands.
JC Laboratories
JC Labs R&D · jclabs.tech
By security professionals, for security professionals. Your privacy in your hands.
These Terms of Service govern your use of all JC Laboratories products and services, including Aleph Vault, the Entropy-Gated AI Framework (EGAF), Gaffer, CipherPort (public key directory and dead drop board), Cryptaverse, and jclabs.tech. By accessing or using our Services, you agree to be bound by these Terms.
JC Laboratories (jclabs.tech) is an independent technology company founded by Justin Czap. Our research and development division, JC Labs R&D, develops security-focused software and the Entropy-Gated AI Framework.
Our mission: By security professionals, for security professionals. Your privacy in your hands.
Aleph Vault is an offline-first encrypted vault application for Android providing secure local storage of notes, passwords, cryptographic key pairs, API keys, and encrypted messaging via the MessageCrypt system.
EGAF (Entropy-Gated AI Framework) is a structured AI governance and orchestration protocol developed by JC Labs R&D. It defines a three-part composition system (OIL_CONTRACT, INVOKER, E_T) for governed, reproducible, and auditable AI task execution, operating as a Layer 3 governance protocol.
Gaffer is the flagship AI assistant built on EGAF, providing governed AI interactions via web interface (ai.jclabs.tech) and API.
CipherPort is a public key directory and encrypted dead drop message board at jclabs.tech/community. It is the gateway to Cryptaverse — a privacy-first cryptographic safe harbor where identity is a key, communities are cryptographic safe rooms, and JC Laboratories cannot access encrypted vault contents in readable form and does not possess user private keys.
Cryptaverse is the forthcoming privacy-first cryptographic social platform. All Cryptaverse content is encrypted client-side before reaching our servers. Access to encrypted content is enforced by cryptographic keys held on user devices — not by policy alone.
| Tier | Price | Key Features |
|---|---|---|
| Free | $0/mo | 5 repo items, 1 key pair/month, no export, no recovery, community read access |
| Individual | $3/mo | Unlimited items, 1 key pair/month, vault export/import, community directory listing |
| Family | $5/mo | Unlimited items, unlimited key pairs, vault export/import, encrypted cloud backup, community listing |
| Small Business | $25/mo | Unlimited key pairs, vault export/import, encrypted cloud backup, optional recovery add-on |
| Medium Business | $50/mo | Unlimited key pairs, vault export/import, encrypted cloud backup, optional recovery add-on |
| Enterprise / VIP | Custom | Unlimited keys, cloud backup, recovery included, SLA, dedicated support |
JC Laboratories reserves the right to update pricing with 30 days notice to existing subscribers.
Aleph Vault uses two separate passwords with different properties:
Account password — used to sign in to your JC Laboratories account. Authentication is handled by a Cloudflare Worker-based system. Password resets are handled through this system using email-delivered, time-limited reset tokens. Your email address is processed for authentication and reset purposes but is not stored as plaintext in our database. We store a keyed cryptographic representation (HMAC-SHA256) for account lookup. This representation cannot be reversed to recover the original email from the stored value.
You acknowledge and accept this limitation by using standard tiers. We strongly recommend exporting your vault regularly and storing the backup securely.
Available on Individual tier and above. Vault export creates an encrypted backup file protected by a user-chosen export password — separate from and independent of the vault master password. The export password is chosen by you at the time of export and is not stored by JC Laboratories.
Exported files are saved to your device's Downloads/AlephVault/ folder. You are solely responsible for the security of exported vault files after export.
Family, Business, and Enterprise tier subscribers may enable automatic encrypted cloud backup. Vault data is encrypted on-device before upload using AES-256-GCM. JC Laboratories stores only the encrypted ciphertext blob on Cloudflare R2 and cannot decrypt it. On Free and Individual tiers, vault data never leaves your device. Encrypted blobs are retained while the subscription is active and deleted 30 days after cancellation. We store only encrypted ciphertext — never readable vault content.
By submitting a directory listing you agree that your listing does not impersonate any real person or organization, your username and bio do not contain illegal content, slurs, threats, or harassment, the public key you list is your own, and JC Laboratories may remove your listing at any time for violation of these Terms.
The CipherPort dead drop board is an anonymous encrypted message relay. No account is required to post.
Message expiry: Free and anonymous users: up to 7 days. Paid tier account holders: up to 30 days. Messages are automatically and permanently deleted at expiry.
Law enforcement: We will comply with legally valid requests. However, we can only provide the encrypted ciphertext and minimal routing metadata stored in our application database — we do not log or store poster IP addresses in our application database. Network-level logs may be retained by infrastructure providers such as Cloudflare under their own policies.
The Enterprise Recovery Program is an optional, paid feature on Business and Enterprise/VIP tiers, governed by a separate Enterprise Recovery Agreement.
To enroll: contact@jclabs.tech
The Entropy-Gated AI Framework (EGAF), including all vial specifications, the OIL_CONTRACT system, INVOKER protocol, and E_T task definition format, is intellectual property of JC Laboratories / JC Labs R&D, developed and maintained by Justin Czap.
EGAF is dual-licensed:
Gaffer, Aleph Vault, CipherPort, Cryptaverse, and all associated JC Laboratories software, branding, and assets are proprietary. All rights reserved.
AI-generated content from Gaffer is provided for informational purposes only and does not constitute professional advice of any kind. You use AI-generated content at your own risk.
You agree not to use our Services to violate any law, store or distribute illegal content, reverse-engineer our software, abuse or overload our services, impersonate any person, attempt unauthorized access to any account, post unencrypted personal data to the dead drop board, or misuse the Enterprise Recovery Program.
Subscriptions are processed via Stripe. Individual ($3/mo) and Family ($5/mo) tiers are available in-app via Settings → Upgrade Plan. Business and Enterprise tiers: contact contact@jclabs.tech. Cancel anytime via the billing portal at Settings → Upgrade Plan → Manage. JC Laboratories does not issue refunds for partial subscription periods except where required by law.
Reporting abuse: To report illegal content, Terms violations, or abusive listings, contact contact@jclabs.tech with a description and any available identifiers (username, key fingerprint, timestamp).
Removal: JC Laboratories may remove any directory listing or dead drop message that violates these Terms, without notice. Repeated violations will result in account termination.
Mandatory reporting: JC Laboratories will comply with all mandatory reporting obligations under applicable law, including:
Section 230: JC Laboratories claims the protections of 47 U.S.C. § 230 as an interactive computer service provider. We are not the publisher or speaker of user-generated content.
Our Services are provided "as is" and "as available" without warranties of any kind. JC Laboratories makes no warranty that any cryptographic implementation is free from unknown vulnerabilities. No encryption system provides absolute security.
To the fullest extent permitted by law, JC Laboratories and its founder shall not be liable for any indirect, incidental, special, consequential, or punitive damages including loss of data, profits, or goodwill. For Enterprise Recovery claims, total liability shall not exceed fees paid for the recovery program in the preceding 12 months.
You agree to indemnify and hold harmless JC Laboratories and its founder from claims, damages, or expenses arising from your use of the Services, violation of these Terms, or violation of any third-party rights.
JC Laboratories may suspend or terminate your account for violation of these Terms. You may terminate at any time by contacting contact@jclabs.tech.
These Terms are governed by the laws of the United States. Disputes shall be resolved in the appropriate courts of jurisdiction.
Material changes will be communicated via the app or email with 30 days notice for paid subscribers. Continued use after changes constitutes acceptance.
If you discover a security vulnerability in any JC Laboratories product or service, please report it to security@jclabs.tech before public disclosure. We ask that you give us 90 days to investigate and remediate. We will acknowledge your report within 72 hours and not pursue legal action against good-faith researchers.
If you believe content on our services infringes your copyright, contact our designated DMCA agent:
Agent: Justin Czap · Email: contact@jclabs.tech · Address: JC Laboratories, Michigan, United States
General & Enterprise: contact@jclabs.tech
Security: security@jclabs.tech
DMCA: contact@jclabs.tech
Website: jclabs.tech
GitHub: github.com/JCLaboratories
© 2026 JC Laboratories · All rights reserved