The Engine
Data plane — yours, downloaded
A lightweight service you run in your own environment. It inspects traffic against executable policy, strips what shouldn't pass, and destroys what has expired — then writes each event to a local, hash-chained, append-only ledger.
- Policy gaskets — regulatory rules as versioned, executable code
- In-transit redaction — PII removed before it ever exits the valve
- TTL enforcement — data carries its own expiry; the engine honors it
- Source-available — audit the code that guards your data
The Registry
Control plane — hosted, deliberately thin
The meeting place. Counterparties pin contract versions, receive drift alerts when a policy changes on either side, and anchor destruction receipts — as hashes only. We hold proofs, never payloads.
- Contract sync — standing agreements between APIs, version-pinned
- Drift detection — know the moment a counterparty's policy moves
- Receipt anchoring — public verifiability without a byte of real data
- Gasket feed — regulatory updates delivered as code, continuously