I’m commissioning a cross-platform Phantom Portfolio Vault that runs seamlessly as a web portal, a native mobile app, and a desktop client. The single, non-negotiable requirement is impenetrable privacy: data must remain locally encrypted, unlocked only through biometric authentication (Face ID, Touch ID, Windows Hello, etc.). My immediate focus is on secure storage for high-net-worth users—think private documents, statements, and deal files—so the core build should deliver a zero-knowledge architecture with end-to-end encryption at rest and in transit. Investment tracking or transaction modules can be architected for future phases, but they’re out of scope for this first release unless you can show they won’t dilute security. To keep expectations crystal-clear, here’s what I need to see at hand-off: • Fully functional web, iOS/Android, and Windows/Mac apps that share a common encrypted data layer • Biometric login flows tested on at least two real devices per platform • Source code, build scripts, and concise deployment documentation • A short security white-paper outlining the cryptography stack and threat model Hand-over isn’t complete until penetration testing passes and I can personally verify a cold start to biometric-unlock sequence on all three platforms with no data leakage.