StørmTrust: root-of-trust runtime dependency

Binds sessions, identities, and event admission; outputs admission verdicts and cryptographic continuity metadata.

Not an IdP or generic KMS; it is the runtime root-of-trust.

Role in the pipeline

StørmTrust binds events to PQC-secured sessions, enforces ordering and anti-replay constraints, verifies governed artifacts before activation, and seals evidence into StørmVault. Primitive choice is deployment-specific (for example, ML-KEM/ML-DSA).

  • PQC-aligned key establishment and signature verification (primitive choice is deployment-specific).
  • Session binding, rotation, revocation, and deterministic anti-replay ordering.
  • Governed artifact signing for model packages, policy bundles, feature schemas, graph rulesets, and decision objects.
  • Evidence sealing and chain-of-custody into StørmVault with optional immutable anchoring.

Contract: sessions + artifacts

Session binding, artifact signing, and evidence sealing.

Inputs

Sessions, governed artifacts, and trust policies for verification.

Processing

Session binding, anti-replay ordering, and signature verification.

Outputs

Verified sessions, signed artifacts, and sealed evidence records to StørmVault.

How it works

Three steps for trust continuity.

Establish PQC/hybrid session

Session establishment with deployment-specific primitives.

Bind event to session

Attach identity and session context to each admitted event.

Enforce continuity

Anti-replay ordering with rotation and revocation.

Interfaces

  • Inputs: telemetry and session handshake artifacts.
  • Outputs: admission controls, anti-replay ordering, and trust metadata.
  • Contracts: crypto-agility policy, key rotation, and epoch bounds.
How to think about StørmTrust

Cryptographic continuity for the pipeline.

StørmTrust is the admission and integrity substrate for all components.

It binds identity and sessions, and signs runtime artifacts.

Evidence sealing keeps decisions durable over long horizons.

Contracts & guarantees

Trust fabric contracts.

  • PQC session binding with deterministic anti-replay ordering.
  • Signed model, policy, schema, and ruleset artifacts.
  • Key schedule derivation for data-plane encryption.
  • Evidence sealing with optional immutable anchoring.
  • Artifacts failing verification are rejected.
Failure modes & controls

  • Anti-replay ordering blocks duplicate event admission.
  • Rotation and revocation invalidate compromised sessions.
  • Artifact verification failures trigger deny-by-default.
  • Evidence seals prevent mutable decision records.

Capabilities

Session binding, artifact integrity, evidence sealing, and key schedules.

PQC sessions

Session-bound admission control

Binds events to PQC-secured sessions with epoch rotation, revocation, and deterministic anti-replay ordering. So what: untrusted events never enter the pipeline.

Key schedules

Key schedule for data-plane encryption

Derives symmetric AEAD keys from PQC-established secrets for bulk payload protection. Primitive selection and schedules are deployment-specific but align with NIST PQC profiles. So what: encryption stays high-throughput and auditable.

Artifact integrity

Signed governance artifacts

Verifies model packages, policy bundles, feature schemas, graph rulesets, and decision objects before use; rejects unsigned or incompatible artifacts. So what: runtime changes are governed and traceable.

Evidence sealing

Durable evidence chain

Seals decisions and state transitions into StørmVault with tamper-evident integrity and optional immutable anchoring. So what: the audit chain remains durable.

What StørmTrust will not allow

Hard blocks that preserve trust continuity and evidence integrity.

Unsigned artifacts

Blocks models, policies, schemas, and rulesets without valid signatures.

Unbound sessions

Rejects events not bound to active, non-revoked sessions.

Replayed or out-of-order events

Enforces anti-replay ordering and bounded session epochs for admission.

Mutable evidence

Prevents modification of sealed decisions and evidence records.

Unverified decision objects

Rejects decision outputs missing provenance or seal metadata.

Works with

Admission, inference, and evidence planes that require trust continuity.

FAQ

Common questions about the trust layer.

Is StørmTrust hybrid PQC?

Deployments can use hybrid profiles; primitive selection is environment-specific.

How are artifacts governed?

Artifacts are signed and verified at admission; unsigned packages are rejected.

How does sealing tie to StørmVault?

StørmTrust seals decisions and state into StørmVault for chain-of-custody.
