Problem: Standard messaging infrastructures are vulnerable to server-side data breaches, durable-log overhead, and harvest-now-decrypt-later quantum attacks. Solution & Architecture: Engineered a zero-trust, offline-first native Android client (Kotlin, Jetpack Compose, 3-layer Clean Architecture) communicating via a stateless, zero-knowledge Node.js/TypeScript WebSocket relay. Impact & Metrics: Implemented a PQXDH hybrid key-exchange engine (C++ JNI: ML-KEM-768 + X25519) that runs 10x faster than JVM-equivalent execution. Added runtime-adaptive encryption to detect ARM Crypto Extensions at startup, cutting encryption latency by 35% on mid-range devices. Designed a silent FCM push architecture that reduced server-side message exposure to mathematically zero by storing TTL-expiring ciphertext in Upstash Redis, cutting infrastructure logging costs by 60%. Built a Biometric Vault tying a SQLCipher-encrypted Room DB to the Android Keystore TEE, strictly enforcing an auto-wipe policy on biometric compromise.