System Architecture v2.0

Under the Hood

Cloud4Send is built on a modular OOP architecture, leveraging edge computing and Large Language Models (LLMs) to redefine secure file transfer.

Core Engine

PHP 8.2+ Backend with strict typing and modular architecture. Custom router handles API requests with sub-millisecond overhead.

Edge Storage

Bunny.net integration ensures files are stored on the nearest edge node to the user, reducing latency by up to 70%.

AI Analysis

Llama 3 70B model via Groq API analyzes file metadata and behavioral reports to generate real-time risk scores.

Zero-Trust

Signed URLs, forced download headers, and auto-destruction policies ensure data never persists longer than needed.

The Security Pipeline

1. Hash-Based Pre-Scan

Upon upload initiation, the SHA-256 signature of the file is extracted client-side. This hash is immediately queried against the VirusTotal API database. This allows us to identify known threats in milliseconds without uploading the full 10GB file to a scanning server.

2. Magic Bytes Verification

To prevent "Extension Spoofing" (e.g., an .exe file renamed as .pdf), the system reads the file's binary header (Magic Bytes). If the MIME-type declared by the browser does not match the binary signature, the upload is rejected immediately.

3. AI Risk Scoring (Groq Integration)

Technical analysis data is fed into the Llama 3 70B model via Groq. The AI evaluates behavioral indicators and generates a 0-10 Risk Score. Files scoring >9 are flagged as "Critical Threat" and destroyed.

4. Isolation & Storage

Clean files are encrypted (AES-256) and moved to a unique storage bucket. Direct access is blocked via Edge Rules; access is only possible through temporary, cryptographically signed URLs.

User Tokenization Logic

We do not use sequential IDs. User identity is protected through a salted hash mechanism, ensuring that storage directories cannot be enumerated.

function generateUserToken($email) {
  $salt = getenv('SYSTEM_SALT');
  $hash = hash('sha256', $email . $salt);
  // Result: 8f9a...3b21
  return substr($hash, 0, 32);
}

// Storage Path:
/storage/8f9a3b21/Q3_Report.pdf

Encryption Standards

Data at Rest
AES-256
Data in Transit
TLS 1.3
Key Exchange
ECDH
Hashing
SHA-256

Ready to Integrate?

Our Elite plan offers full API access, allowing you to integrate Cloud4Send's security stack directly into your internal tools or customer-facing products.