Mobile computing is controlled by centralized platforms. Developers are locked into app store policies. Users don’t own their devices in a meaningful sense. Kernel-level trust, distribution, identity, payments, and data are mediated by intermediaries.
Privacy is optional. Sovereignty is nonexistent. Platform risk is systemic.
Solution
The Mandalorian Project is building a sovereign mobile computing stack — starting at the system layer.
Instead of treating sovereignty as an app-level feature, we approach it as an architectural principle:
Kernel-conscious security model
Platform-independent identity
Decentralized service integration
Developer-first extensibility
Open governance and open-source core
We aim to create a mobile environment where:
Users control data and execution context
Developers ship without centralized gatekeepers
Trust is rooted in verifiable systems, not policy promises
I've been building a sovereign mobile computing platform
for the past year. The core thesis: most "secure" phones
are policy-secure, not architecturally secure. A court
order, a national security letter, or a compromised
update server can still get your data. We're trying to
make that architecturally impossible.
The stack:
seL4 microkernel (formally verified, capability-based)
RISC-V ISA (open, auditable, no vendor backdoors)
Post-quantum crypto: ML-KEM-1024, ML-DSA-87, CRYSTALS-Dilithium
BeskarVault HSM: 32 key slots, physical tamper destruction
Continuous Guardian: 50ms integrity checks, lives in ROM
BeskarLink: Signal Protocol + post-quantum augmentation
Shield Ledger: immutable Merkle-tree audit log
Zero cloud dependency — fully offline capable
Honest status: Phase 1, running on VisionFive 2 (JH7110). Not a phone you can buy. Architecture validation platform. 11/11 tests passing. CI/CD configured. Dual licensed (open source core + commercial tiers).
What we're looking for: cryptographers, seL4 developers, RISC-V engineers, formal verification people. Not hiring — contributing. This exists because the problem is real.
Happy to answer technical questions about the seL4 capability model, the post-quantum primitives, or why we chose RISC-V over ARM for this threat model.