Encrypted in your browser before it leaves it — even we can't read your prompts. Draft contracts in Canvas, search case law with cited sources, and send documents for signature. One workspace. Zero plaintext on our servers.
Every state bar that has issued AI guidance — California, New York, Florida, Texas, Pennsylvania — and the ABA's own Formal Opinion 512 agrees on one thing: uploading client information to a tool a third party can read may waive privilege.
Enterprise terms don't fix this. The vendor still holds the keys. Staff still have access. A subpoena, breach, or misconfiguration still exposes plaintext.
Arcaveli is different by architecture. Your prompts are encrypted in your browser before they ever reach us — with a key only you hold. We can't read them. Our staff can't. A breach produces ciphertext, not your client's matter.
"Draft a one-way NDA between [client] and [counterparty], 2-year term." The AI drafts straight into Canvas — Word-style editor with inline signature blocks.
Pick the Law agent. "Recent appellate cases on at-will employment in Florida." Searches CourtListener and cites every source. No hallucinated citations.
Click Request signature. Signer agrees to ESIGN/UETA consent, signs in their browser, signature is encrypted to your key. No DocuSign account needed.
A breach of our servers? Attackers see ciphertext. Read the architecture →
| id | user | assistant |
|---|---|---|
| 4a2f | Re: Acme v. Wexler — settlement at $2.4M, send draft. | Drafted. Key terms: indemnification, NDA carve-out, non-compete 18mo. |
| 5b91 | Client J. Smith — DUI Feb 14, prior 2019. Plea offer? | Recommend counter at supervised probation; cite Fla. § 316.193(2)(b). |
| 6c34 | XYZ Inc NDA — add trade-secret carve-out, 2-year term. | Drafted. Pulled three Delaware Chancery opinions for boilerplate. |
| id | user | assistant |
|---|---|---|
| 4a2f | eyJlbmNyeXB0ZWRLZXkiOiJTM3pE… |
eyJlbmNyeXB0ZWRLZXkiOiJBN3hQ… |
| 5b91 | eyJlbmNyeXB0ZWRLZXkiOiJtMU1N… |
eyJlbmNyeXB0ZWRLZXkiOiJqM2Jr… |
| 6c34 | eyJlbmNyeXB0ZWRLZXkiOiJ4SS8r… |
eyJlbmNyeXB0ZWRLZXkiOiJ2aTYw… |
Encryption is hybrid RSA-2048 + AES-256-GCM. Your private key is generated and held exclusively in your browser — we never see it, can't recover it, can't reset it. Full cryptographic detail →
Reasonable-efforts standard for technology safeguards is met by zero-knowledge encryption: the vendor cannot disclose what the vendor cannot read.
Every electronic signature gates on an explicit consumer disclosure consent. Disclosure version, timestamp, IP, and user-agent are recorded as evidence.
Available BAA for firms handling PHI in matters (medical malpractice, healthcare regulatory, employment). Zero plaintext PHI storage.
Need a BAA, DPA, or vendor-security questionnaire? legal@arcaveli.com
Starter at $149/mo gives a single attorney 5M monthly AI credits, full Canvas + signatures + research agents, and an available BAA. Business at $499/mo adds a shared 25M-credit pool for up to 25 colleagues, audit log, and per-member usage breakdown — designed for firms billing collaboratively across matters.
No credit card required to sign up. Cancel anytime from settings.
The waiver risk in most state bar AI guidance comes from disclosure to a third party. Arcaveli is built so disclosure to us is cryptographically prevented: every prompt is encrypted in your browser to a key only you hold before it leaves the device. We cannot read it, our staff cannot read it, a subpoena to us produces ciphertext. That is the practical inverse of the disclosure-waiver risk.
OpenAI's enterprise products promise not to train on your data and offer SOC 2 reports — both real and useful. Neither, however, encrypts your prompts so that OpenAI itself cannot read them. We do. The model provider receives plaintext for the duration of the inference call (Anthropic, in our case, on Starter and Business plans), but we re-encrypt the response to your key before persisting it. Net result: the long-lived storage layer — the place a breach actually happens — never holds your client's information in readable form.
Yes — for any record covered by the federal ESIGN Act and state UETA, which is the vast majority of commercial transactions. Every signature is preceded by an explicit consumer disclosure consent (the signer must check "I Agree" before signing) and the signing event records timestamp, IP, user-agent, and the disclosure version they accepted. Read the disclosure. Excluded categories — wills, codicils, certain family-law instruments — should still be paper-signed.
Your encrypted history becomes permanently unreadable. We can't recover it — not by reset, not by court order, not by technical procedure. We provide eight one-time recovery codes at signup specifically to prevent this. Save them. The same property that makes us unable to read your data makes us unable to recover it for you.
BAA: yes, on request, included with Starter and Business. DPA (for EU/UK clients): yes. Vendor security questionnaires: send them to legal@arcaveli.com — we typically turn them around in 3-5 business days.
Records you create are your records, decryptable only by you. Standard preservation, collection, and production obligations apply to you in the same way they would to your local Word documents — Arcaveli is not a custodian of plaintext. You can export Canvas documents to DOCX and chat history to a readable archive at any time from settings.
No card required to sign up. Draft an NDA, search a case, send for signature. Decide if it earns its keep before you ever pay.