The problem is not deletion. The problem is proof of destruction.
Every tactical team that has been handed a digital tool asks the same question first: what happens to the data when the mission is over? The concern is not theoretical. Military records are subject to FOIA requests. Operational decisions made under fire can be reviewed, investigated, and second-guessed years later by people who were not present. Operators who have seen colleagues face scrutiny for split-second decisions do not trust any system that creates a permanent record.
Standard file deletion does not solve this. Deleting a file removes the directory entry but leaves the data on disk until overwritten. Forensic tools recover deleted files routinely. Even full-disk encryption with remote wipe depends on network connectivity at the moment of compromise, which may not exist in a tactical environment. The operator needs a mechanism that is immediate, local, cryptographically irreversible, and provable.
DualDAR: two layers of encryption, one mission key
EdgeLance implements dual data-at-rest encryption (DualDAR). Layer one is hardware: Apple Data Protection via the Secure Enclave provides AES-256-XTS encryption of all device storage, managed by the hardware security module. Layer two is application: EdgeLance encrypts every mission record individually using AES-256-GCM with a mission-scoped key.
The mission key is derived using PBKDF2 with 100,000 iterations over the operator's PIN concatenated with the device's hardware identity. The hardware binding means the same PIN on a different device produces a different key. If an adversary captures a device and separately obtains the PIN, they still cannot derive the key on different hardware.
The mission key is held exclusively in volatile memory. It is never written to disk. Every detection, threat assessment, transcription, recommendation, and operator decision is encrypted under this one key. When the key is destroyed, every record encrypted under it becomes mathematically unrecoverable.
AI outputs are bound to the same key as source data
This is the detail most encryption systems miss. In a conventional architecture, raw sensor data might be encrypted but the AI's analysis of that data is stored separately, in inference caches, result databases, or log files, often unencrypted or under a different key. An adversary who cannot recover the original video frame might still recover the AI's threat assessment, which reveals what the operator was looking at and what they decided to do.
EdgeLance binds all AI-generated outputs to the same mission key as the source data. Object detections from YOLOv8, threat assessments from Gemma 4 vision, audio transcriptions from Whisper, recommended actions from the response engine, and operator override decisions are all encrypted under the mission key. The evidence chain, from raw sensor frame through AI analysis through operator decision, is an atomic unit under a single key.
Destroy the key, and the entire chain disappears. The source data, the AI's interpretation, and the operator's response become simultaneously unrecoverable. There is no partial intelligence left behind.
Destruction across the mesh without connectivity
A tactical mesh may have multiple nodes holding mission data. Destroying the key on one device does not destroy cached intelligence on other nodes. EdgeLance addresses this with two mechanisms.
First, each mesh node receives a mission sub-key derived from the master mission key via HKDF. When the operator initiates destruction, a signed purge command is broadcast through the mesh using store-and-forward. Each node that receives the command verifies the signature, destroys its local sub-key, and wipes its encrypted mission store.
Second, every node runs a classification-tiered destruction timer. TOP SECRET data self-destructs after 6 hours without heartbeat renewal. SECRET after 12 hours. CUI after 24 hours. If a node is permanently disconnected from the mesh, it autonomously destroys its mission data on schedule. No connectivity required. No operator action needed. The classification level determines the maximum lifespan of the data, enforced by the node itself.
The duress mechanism: destruction that looks like cooperation
If an operator is captured and compelled to unlock their device, EdgeLance provides a duress PIN. The duress PIN is stored only as a salted hash. It is never transmitted or logged in plaintext. When entered, the device performs immediate mission key destruction via three-pass memory zeroization (zeros, random bytes, zeros), wipes the encrypted mission store per NIST 800-88 guidance, publishes a silent alert with the device's GPS coordinates to the team, and displays a normal unlock screen with non-sensitive default content.
The adversary sees a functioning device. The team sees a duress alert with location. Every byte of mission intelligence is gone. The key that would make it recoverable no longer exists in any form. No network required. Local cryptographic destruction triggered by the operator under hostile conditions, designed to be indistinguishable from a normal unlock.
The operator contract
When the operator wipes, the following is destroyed across all participating nodes: raw sensor frames, AI detections and classifications, threat assessment narratives, audio transcriptions, recommended actions, operator override decisions, evidence annotations, and the key that could reconstruct any of it. What survives: the manifest ID and signed receipts for audit chain completeness. The content those receipts reference is gone.
This is the contract that earns operator trust. A cryptographic guarantee enforced by mathematics, not promises. The operator does not have to trust EdgeLance with their data. They have to trust AES-256-GCM, PBKDF2, and the laws of computational complexity. Those have a better track record than any vendor's privacy commitment.