A technical overview of the par Noir identity protocol and the layered applications that implement it: identity core, dashboard, hosted API, aggregator browser, messaging, Prism content auditing, and the developer portal for integrators.
The current paradigm of digital identity is fundamentally broken. Users surrender control of their most valuable asset—their identity—to centralized entities that can revoke, modify, or exploit it at will. par Noir is a protocol for sovereign identity that returns ownership and control to the individual, implemented as a layered network: cryptographic identity and proofs, a user-facing dashboard, a hosted API that connects tools, an aggregator browser for public feeds, encrypted messaging, a community content-auditing program (Prism), and a developer portal for third-party integrations.
The cryptographic asset is decentralized identity, not a blockchain token. Verification is mathematical (identity file, name, and passcode); there is no central issuer. par Noir combines strong client-side cryptography with user-owned storage patterns and a current post-quantum migration (ML-DSA and ML-KEM with SHA-3 policy) plus zero-knowledge redesign directions so users can prove claims without unnecessarily exposing raw data.
This paper summarizes protocol foundations and how the ecosystem is structured today, points to reference implementations in the open repository, and states licensing terms for non-commercial versus commercial use.
Digital identity today often exists in a state of dependency. Users are granted access to services in exchange for surrendering fundamental control over identity data. That model creates critical vulnerabilities:
par Noir treats identity as user-owned infrastructure: the user creates and holds keys, the dashboard and API connect that identity to cloud storage and applications, and the aggregator browser surfaces user-published public content into feeds—without the browser talking to cloud providers directly; storage flows through the par Noir API.
Third parties integrate via OAuth and HTTP APIs (Layer 5), using the same patterns as the hosted developer console at developers.parnoir.com.
The following layers describe how components fit together. They align with the implementation in the
par Noir monorepo: shared cryptography and types in core/ and sdk/, applications under apps/,
and the hosted API under api/.
Role: Proof-of-work identity creation, three-factor unlock (identity file, name, passcode), and cryptographic operations. There is no central authority that “issues” a par Noir identity; the user generates and holds the material.
Implementation: core/identity-core and related packages; consumed by the dashboard,
API, and clients.
Role: Where users create and manage identity, connect secure cloud storage, and use identity-direct features (recovery, settings, integrations that require the user’s keys or consent).
Hosted application: pn.parnoir.com
(apps/id-dashboard).
Role: Connects the dashboard and other clients to shared services: OAuth, storage mediation, aggregator indexing, messaging transport, and integrator endpoints. The API is the supported path for the aggregator browser to access storage (no direct Google OAuth or Drive APIs in the browser app).
Base URL: api.parnoir.com
(api/).
Role: Aggregates public files from users’ storage into feeds and browsing experiences. Storage operations go through the par Noir API only, consistent with the project’s security and architecture rules.
Hosted application: browse.parnoir.com
(apps/aggregator-browser).
Role: Products and services that call par Noir with user consent—OAuth unlock, standard data points, HTTP APIs. Integrators register OAuth clients and manage backend API keys through the developer portal.
Hosted application: developers.parnoir.com
(apps/developer-portal) — credentials, standard data point catalog, integration guides,
Layer 5 documentation, and OpenAPI reference.
Role: Encrypted, user-owned messaging: messages live in users’ cloud storage areas, coordinated through the API. There is no central message store of plaintext content at par Noir; delivery and folder operations are mediated by the API.
Hosted application: messaging.parnoir.com
(messaging build of the aggregator app, apps/aggregator-browser / dist-messaging).
Role: Content auditing, not generic IT security auditing. Prism is the par Noir auditor program: trained reviewers (“Rays”) evaluate DMCA-flagged or reported content and reach consensus before content is approved for indexing. Two Rays must agree to approve or deny; no single reviewer controls visibility alone.
Hosted application: prism.parnoir.com
(apps/prism).
Organizations that need commercial terms use the licensing portal at
licensing.parnoir.com
(apps/licensing-portal), which aligns with written agreements such as
annual and
perpetual commercial license pages on this site.
The ecosystem above rests on a small set of protocol ideas: client-held keys, encrypted artifacts, publication of non-sensitive metadata where appropriate, and privacy-preserving proofs over time. Exact file formats, curves, and proof systems evolve in the repository; this section states intent, not every on-wire byte.
Identity material is derived and used client-side. The current identity decision baseline is post-quantum asymmetric cryptography for new identities: ML-DSA-65 for signatures and ML-KEM-768 for key encapsulation. AEAD remains in use for encrypted payloads, and servers do not require passcodes or raw identity secrets to verify protocol operations.
User data is encrypted before leaving the client where applicable; metadata may be published to decentralized or operator-hosted indexes for discoverability, without placing secrets in plain text in logs or public fields.
Identity artifacts are moving to explicit, versioned wire structures with algorithm identifiers (for example format version, signature algorithm, KEM algorithm, and hash policy) so verification behavior is auditable and future migrations are deterministic.
The protocol direction includes proving properties of identity and attributes (for example, age thresholds) without revealing underlying raw values. The current security roadmap keeps PQC identity and OAuth upgrades first, then completes a PQC-aligned redesign of ZK paths; interim ECC-dependent ZK paths are treated as transitional rather than the long-term root trust model. Integrators should follow published APIs and SDK releases rather than this paper for exact circuit parameters.
Social and policy-based recovery features are implemented in the dashboard and supporting services so users can regain access without a single central authority “resetting” identity—subject to the user’s chosen recovery configuration.
The canonical open-source implementation lives in the par Noir monorepo. High-level mapping:
core/identity-core, sdk/identity-sdkapps/id-dashboardapi/apps/aggregator-browserapps/developer-portalapps/prismapps/licensing-portal
Client applications load a single configured API base URL at build time (for example
VITE_API_ENDPOINT pointing at api.parnoir.com
in production builds). Integrators should use the OAuth UI package and identity SDK workspaces
published from the repository rather than copying outdated snippets.
par Noir software is provided under All Rights Reserved terms. The source is available for review; copying, redistribution, modification, and derivative works are not permitted except as stated in writing (see the LICENSE file in the repository and the site Terms of Service).
Non-commercial freeware. You may use par Noir software without charge to learn, experiment, and build non-commercial applications and integrations—personal projects, research, education, and other uses that are not primarily intended for commercial advantage or monetary compensation.
Commercial use requires a license. If you build or operate a product or service that is commercial in nature, or you deploy par Noir–based software for commercial advantage, you must obtain a commercial license. Commercial terms are described in the Annual Commercial License Agreement and Perpetual Commercial License Agreement, and through licensing.parnoir.com. For licensing inquiries: licensing@parnoir.com.
Nothing in this paper waives reserved rights; for permissions beyond non-commercial use as described here, contact licensing.
par Noir combines a sovereign identity protocol with a concrete stack of applications: dashboard, hosted API, aggregator browser, messaging, Prism content auditing, and a developer portal for integrators. The design keeps cryptographic control with the user while allowing a network of tools and third-party services to interoperate through documented APIs and consent flows.
Non-commercial use of the software is offered as freeware under reserved rights; commercial use requires an explicit license. See Licensing and Use of par Noir Software above.
From the shadows, into the light.
—The par Noir Protocol Team
The par Noir protocol represents original research and development by MJ Mazzei. This system was conceived and designed as an independent contribution to the field of sovereign identity, drawing inspiration from the philosophical principles of freedom and self-determination rather than from existing academic literature.
The technical approach, architectural decisions, and implementation details presented in this paper are the result of original thinking and practical development work, building on the principles of individual freedom and self-determination into the digital age.
While the protocol utilizes established cryptographic primitives and distributed systems concepts, the specific combination and application of these technologies to achieve true sovereign identity represents novel contributions to the field.
Build on the API, read the guides, or create your identity—non-commercial use is freeware; commercial use requires a license.