Technical White Paper v2.0 · May 2026
Zero-Retention Architecture: How ShieldDrop Processes Legal Documents Without Touching a Server
Data retained after session: 0 bytes
Third parties with file access: 0
Executive Summary
ShieldDrop Legal Suite is a browser-native legal technology platform providing 10 AI-powered tools for attorneys, paralegals, and investigators. All file processing executes within the user's browser using WebAssembly, the File System Access API, and the Web Crypto API. No document content, audio recording, case note, or metadata is ever transmitted to ShieldDrop servers or any third-party service.
This is not a policy choice — it is a technical constraint deliberately engineered into the platform. ShieldDrop cannot store your files because we never receive them. This distinction matters under ABA Model Rule 1.6, ABA Formal Opinion 477R, and attorney-client privilege doctrines across all 50 U.S. jurisdictions.
Browser APIs Used
📂 File API / FileReader
Reads selected files into ArrayBuffer without network transmission
⚡ WebAssembly (WASM)
Executes compiled C/C++/Rust code for PDF parsing and metadata extraction at near-native speed
🔐 Web Crypto API
AES-256-GCM encryption for VaultNotes — key derived from passphrase via PBKDF2, never transmitted
🎙️ MediaStream / WebRTC
Captures microphone audio for VaultDictate — audio passed directly to Whisper WASM, never routed through network
💾 IndexedDB / localStorage
Session preferences only — no document content ever written to browser storage
Per-Tool Technical Specifications
ShieldDrop
WASM-compiled libexif + qpdf engine strips EXIF/XMP/IPTC from images and performs incremental-update rebuild on PDFs. 200+ MIME types. All processing in ArrayBuffer — zero network calls.
VaultDictate
Whisper.cpp compiled to WASM via Emscripten runs in a browser worker thread. Audio captured via MediaStream, transcribed in-process. No network calls after page load.
TrialMind / CaseBrief / DocketForge
Text-based AI tasks route to the Groq API via the /api/ai server route. Only typed text is transmitted — never uploaded files. Documents are never sent anywhere.
VaultNotes
AES-256-GCM via SubtleCrypto. 256-bit key derived from passphrase using PBKDF2 with 100,000 iterations. IV generated per encryption. Key never transmitted.
RedactAI
Pattern library (SSNs, EINs, phone numbers, account numbers) runs client-side. AI contextual suggestions use /api/ai with text-only input — never file content.
ChainKeep / DeadlineCalc
Pure client-side computation. No external APIs. Reports rendered to PDF via jsPDF in-browser library.
LegalTranslate
Source text transmitted to /api/translate (Groq/OpenRouter). Document files never transmitted — only extracted text content for translation.
ABA Ethics Compliance
ABA Model Rule 1.6(c) requires attorneys to make "reasonable efforts to prevent inadvertent or unauthorized disclosure" of client information. ABA Formal Opinion 477R (2017) extends this to cloud service selection. ShieldDrop's zero-retention architecture satisfies the most stringent reading of Rule 1.6(c) because there is no data to disclose — we receive no file content.
Fourteen state bars including New York, California, Texas, and Florida have issued opinions requiring affirmative metadata scrubbing before document production. ShieldDrop directly addresses this obligation.
✅ Verify zero transmission in 60 seconds
- Open Chrome → Right-click → Inspect → Network tab
- Go to shielddroplegal.com/shielddrop
- Drag any document onto the drop zone and process it
- Watch the Network tab — zero outbound file data requests
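The Network-tab check above can be made repeatable by exporting the capture as a HAR file and auditing it with a script. This is an added example, not ShieldDrop code; the function names, hosts, asset path and sample capture are constructed for illustration, and only the `/api/ai` route comes from this paper.

```javascript
// Added example: audit a HAR file exported from the DevTools Network tab.
// HAR 1.2 allows bodySize = -1 when the size is unknown, so fall back to
// the captured postData text instead of trusting the field.
function requestBodyBytes(request) {
  if (typeof request.bodySize === "number" && request.bodySize > 0) {
    return request.bodySize;
  }
  const text = request.postData && request.postData.text;
  return text ? new TextEncoder().encode(text).length : 0;
}

const UPLOAD_MIME = /^(multipart\/form-data|application\/(octet-stream|pdf))/i;

// Return one finding per request that sent a body larger than maxBodyBytes
// or used a content type typical of file uploads.
function auditHar(har, { maxBodyBytes = 0 } = {}) {
  const findings = [];
  for (const { request } of har.log.entries) {
    const bytes = requestBodyBytes(request);
    const mime = (request.postData && request.postData.mimeType) || "";
    const reasons = [];
    if (bytes > maxBodyBytes) reasons.push(`request body of ${bytes} bytes`);
    if (UPLOAD_MIME.test(mime)) reasons.push(`upload-style content type: ${mime}`);
    if (reasons.length === 0) continue;
    const { host, pathname } = new URL(request.url);
    findings.push({ method: request.method, host, path: pathname, bytes, reasons });
  }
  return findings;
}

// Constructed sample capture (hosts and asset path are placeholders).
const SAMPLE_HAR = { log: { entries: [
  { request: { method: "GET", url: "https://app.example.test/shielddrop", bodySize: 0 } },
  { request: { method: "GET", url: "https://app.example.test/engine.wasm", bodySize: 0 } },
  { request: { method: "POST", url: "https://app.example.test/api/ai", bodySize: -1,
      postData: { mimeType: "application/json", text: '{"prompt":"summarize"}' } } },
  { request: { method: "POST", url: "https://collector.example.test/upload", bodySize: 48213,
      postData: { mimeType: "multipart/form-data; boundary=x" } } },
] } };

for (const f of auditHar(SAMPLE_HAR)) {
  console.log(`${f.method} ${f.host}${f.path}: ${f.reasons.join("; ")}`);
}
```

A capture taken while processing a file in a fully client-side tool should produce no findings at the default threshold of 0 bytes; raise `maxBodyBytes` only for tools documented above as sending typed text.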