Preamble
Welcome to SoloBox (hereinafter referred to as "we," "the Platform," or "SoloBox"). These Terms of Service (hereinafter referred to as "these Terms") constitute a legally binding agreement between you and SoloBox governing your use of our application, website, and related digital-asset security protocols (collectively, the "Service").
Please read these Terms carefully before creating your SoloBox account. By registering for, accessing, or using our Service, you acknowledge that you have fully read, understood, and agree to be bound by these Terms. If you do not agree with any part of these Terms, please do not use the Service.
1 Non-Custodial Nature of the Service
SoloBox provides a non-custodial digital storage and inheritance protocol built on end-to-end encryption. This architectural choice carries the following legal and technical implications:
1.1 You Are the Sole Key Holder
We do not store, transmit, or have any ability to reset your Master Password or the underlying encryption keys. All cryptographic key material exists exclusively within the hardware security enclave (Secure Enclave) or protected system memory of your local device.
1.2 Absolute Access Restriction
Neither SoloBox nor its employees, affiliates, or any third party possesses the technical capability to decrypt, view, or recover any data stored in your encrypted vault. This is not a policy commitment; it is a structural guarantee inherent to our zero-knowledge architecture.
1.3 Your Ultimate Responsibility
2 Digital Inheritance Protocol
SoloBox enables you to configure a digital inheritance mechanism so that, in the event of prolonged inactivity, access credentials can be securely transferred to your designated beneficiary. The technical implementation relies on the Sentinel Protocol and a key-shard scheme (see Technical Whitepaper, Sections 6.1 and 5.3).
2.1 Trigger Mechanism
You understand and agree that the system will automatically determine whether to trigger the inheritance protocol based on a configurable silence period you have preset (default: 180 days of no login activity). Before triggering, the system will enter a grace period during which high-frequency alerts are sent to you via multiple channels (email, SMS). Logging in and completing biometric verification at any point during the grace period will immediately halt the alert sequence and reset the inactivity timer. Once the grace period expires, the trigger is irreversible.
2.2 Responsibility for Information Accuracy
You are solely responsible for ensuring that the contact details of your designated beneficiary (e.g., email address) are accurate and active. SoloBox assumes no liability for credential delivery failures or unauthorized receipt of credentials caused by incorrect, expired, or intercepted contact information provided by you.
2.3 Summary of Rights and Obligations
| Role | Rights | Obligations |
|---|---|---|
| Account Owner | Configure the silence period, designate a beneficiary, and reset the timer at any time. | Maintain valid beneficiary contact information; log in regularly to prevent accidental triggers. |
| SoloBox | Release Shard A only after the protocol is triggered; possesses no ability to decrypt data. | Safeguard Shard A; strictly enforce multi-channel grace-period alerts. |
| Beneficiary | Receive Shard A upon protocol activation and combine it with self-held Shard B to complete decryption. | Securely retain Shard B (e.g., a pre-shared passphrase or identity hash). |
3 Account Registration and Security
3.1 Eligibility
You must have reached the age of legal majority in your jurisdiction in order to enter into this agreement and use the SoloBox Service. You must ensure that all information provided during registration is truthful, accurate, and complete.
3.2 Security Obligations
You bear full responsibility for all activity that occurs under your account. Should you discover any unauthorized access or security breach, you should take immediate remedial action.
Due to SoloBox's non-custodial architecture, we are unable to unilaterally "freeze" your core data or keys from the cloud. Recommended emergency procedures include migrating your data to a new encrypted vault on an authorized device and using crypto-shredding to invalidate the original vault.
4 User Conduct and Content Standards
Although SoloBox employs a zero-knowledge architecture and therefore has no visibility into the specific content you store, you are required to comply with all applicable laws when using the Service. You agree not to use the SoloBox Service to:
- Upload, store, or distribute any content that violates applicable law or infringes upon the intellectual property rights of a third party.
- Store materials related to child exploitation, terrorism, malware distribution, or other serious criminal offenses.
- Interfere with, disrupt, or attempt to exploit vulnerabilities in SoloBox's servers or associated decentralized storage networks.
4.1 Breach Remedies
If we receive a valid legal instrument issued by a court or law-enforcement authority with competent jurisdiction establishing that your account is involved in unlawful activity, we reserve the right, to the extent permitted by law, to terminate your account service and sever the associated network routing.
Please note: Due to the technical constraints of our zero-knowledge architecture, even when an account is terminated, we remain unable to decrypt the data content itself. Account termination only severs cloud synchronization and network routing services.
5 Fees and Subscriptions
5.1 Service Subscriptions
SoloBox offers a limited set of free features alongside premium paid subscription plans. All fees are collected through designated third-party payment processors (e.g., Stripe, Apple). SoloBox does not directly process or retain your full credit-card information (see Privacy Policy, Section 4).
5.2 Automatic Renewal
Unless you actively cancel before the end of the current billing cycle, your subscription will automatically renew and the applicable fees will be charged to your default payment method. You may manage or cancel your subscription at any time through your account settings.
5.3 Refund Policy
Except where mandatory refund rights are provided by applicable law, subscription fees already paid are generally non-refundable. For higher-tier vault plans that have activated the "Digital Perpetuity Fund," a portion of the fees has been locked into a smart contract or trust fund to guarantee perpetual storage; that portion is non-refundable.
6 Third-Party Services and Networks
To deliver high-durability storage, SoloBox's underlying architecture integrates trusted decentralized networks (e.g., IPFS) and other cloud routing services. You understand that the operational status of these underlying networks may be affected by global internet conditions beyond our control.
We will make commercially reasonable efforts to maintain service availability but assume no liability for delays, outages, or force majeure events caused by third-party networks. No third-party service provider can decrypt your core data — they handle only ciphertext.
7 Disclaimer of Warranties
THE SERVICE IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS.
SoloBox expressly disclaims all warranties of any kind, whether express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. We do not guarantee that the Service will be uninterrupted or error-free, nor do we guarantee that your encrypted data packages will be immune to all forms of data corruption.
However, please note that SoloBox employs AES-256-GCM encryption, which incorporates built-in data-integrity verification. Any tampering with the ciphertext — even a single bit-flip — will be detected during decryption and trigger an authentication failure, completely refusing execution. There is no silent-corruption pathway. This represents an architectural alerting capability, not a guarantee of absolute immunity from corruption.
8 Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SoloBox and its affiliates shall not be liable for any indirect, incidental, special, or punitive damages (including but not limited to loss of profits or data loss) arising from or related to your use of, or inability to use, the Service.
In no event shall SoloBox's aggregate liability exceed the total amount you actually paid to SoloBox during the twelve (12) months immediately preceding the event giving rise to the claim.
| Scenario | SoloBox Liability Boundary |
|---|---|
| Master Password loss | Unable to provide password recovery or data restoration; no liability assumed. This is an inherent constraint of the non-custodial architecture. |
| Inheritance delivery failure | Not liable for delivery failures caused by incorrect or expired beneficiary contact information. |
| Third-party network outage | Commercially reasonable efforts to maintain availability; not liable for outages or force majeure attributable to third-party networks. |
| Data corruption | AES-256-GCM provides integrity detection, but absolute immunity from corruption is not guaranteed. |
| Liability cap | Shall not exceed the total amount you actually paid to SoloBox in the 12 months preceding the event. |
9 Amendments and Termination
9.1 Amendments to These Terms
We reserve the right to update these Terms at any time. For material amendments — particularly those affecting liability boundaries, data-processing practices, or fee structures — we will provide advance notice through the following channels:
- In-app notification: Displayed prominently within the client application.
- Email: Sent to your registered email address with a clear description of the changes and the effective date.
Updated Terms will be published at least 30 days before they take effect. Your continued use of the SoloBox Service after the new Terms become effective shall be deemed acceptance of the amended Terms. If you do not agree with the amendments, you have the right to discontinue use of the Service and delete your account before the effective date.
9.2 User-Initiated Termination
You may deactivate and delete your account at any time. After account deletion, you may use crypto-shredding to render all cloud-stored data permanently undecryptable (see Privacy Policy, Section 5.1). Even if the SoloBox service goes offline permanently, you can still recover your data using the offline decryption toolkit (see Privacy Policy, Section 5.3).
9.3 SoloBox-Initiated Termination
SoloBox reserves the right to suspend or terminate your use of the Service in the event of a material breach of these Terms. Termination measures include severing cloud synchronization and network routing services. However, due to the technical constraints of the zero-knowledge architecture, we are unable to delete or decrypt any encrypted data you have already stored.
10 Governing Law and Dispute Resolution
These Terms shall be governed by and construed in accordance with the laws of the jurisdiction in which SoloBox is incorporated, without regard to its conflict-of-laws provisions. Any dispute arising out of or in connection with these Terms shall first be resolved through good-faith negotiation. If negotiation fails, either party may institute proceedings before a court of competent jurisdiction.
11 Contact Information
Should you have any questions regarding these Terms, please contact us at:
Legal Affairs: legal@solobox.com
We undertake to respond to your inquiry within 30 business days of receipt.
These Terms of Service, together with the Privacy Policy, constitute the complete legal framework of the SoloBox Service. By registering for and using the Service, you acknowledge that you have read, understood, and agree to be bound by all of the above.