The blue checkmark for the physical world.
A $50,000 accelerator crosses six jurisdictions before it reaches a rack. It has a serial number — not a history. Sovereign Proof gives every server, GPU, and rack a cryptographically signed biography, binds it to the silicon, and anchors it to Bitcoin — so not even we can rewrite it.
Secure Boot checks the signature. It never checks the biography.
A correctly signed OS will boot happily on a server that sat unlocked in a parking lot for six hours. Between the loading dock and the boot sequence, hardware can be swapped, backdoored, or cloned — and no one would know.
Fab
Freight · Ports · Warehouses · Unverified hands
Rack
This isn't hypothetical. A Senate investigation found over 1 million suspect counterfeit parts already inside the U.S. defense supply chain — more than 70% traced to China. — U.S. Senate Armed Services Committee
Provenance isn't a feature anymore. It's a filing.
Federal law already forces contractors to prove where their silicon came from — and almost none of them can. We're the evidence behind a signature they're already on the hook for.
DFARS traceability
Defense contractors must trace parts to the original manufacturer. Today that's a binder of supplier PDFs. Paperwork can be forged. Silicon can't.
NDAA §5949
Every federal contractor must certify no banned-fab (SMIC/YMTC/CXMT) semiconductors — after a "reasonable inquiry," with a 72-hour report duty and False-Claims-Act exposure.
Chip Security Act
Chip-level ownership records, location verification, and tamper reporting to BIS. The provenance ledger, proposed as federal law. Proposed legislation — a tailwind, not yet enacted.
We give every machine a biography — and a voice.
Built on the Social Identity of Objects patent suite, Sovereign Proof treats each device as a social entity with a birth certificate and a life story.
The Ledger
An air-gapped, tamper-evident chain of every life event — foundry genesis to rack install. Each handler signs its own custody events; any retroactive edit breaks the chain.
The Interrogator
An on-device LLM that turns that history into plain language. Ask the hardware where it's been — it answers in the first person, and never phones home.
The Trust Score
A deterministic 0–100 integrity score, computed from cryptographic evidence — not the LLM. If the story doesn't add up, the machine never boots.
Every event recorded, signed, scored — before boot.
Enroll at genesis
We verify the device's manufacture-time identity — the key NVIDIA or the TPM fused into the silicon — and record it. No foundry access needed.
Sign & chain
Every life event — transport, scan, install — is signed by its handler and hash-linked to the last.
Challenge
At each checkpoint the device must prove it still holds the key it was enrolled with — catching a swap or clone.
Anchor
The fleet's integrity fingerprint is committed to Bitcoin — history becomes unrewritable.
Trust gate
The score is computed and gated. Boot — or quarantine.
Perfect paperwork. Wrong machine.
Documents can be forged by insiders. Silicon can't lie. We check both — which is why a unit with a flawless custody record still fails if the device answering the challenge isn't the one we enrolled.
And it's not just swaps. The engine detects the full taxonomy a compliance team faces:
A ledger asks you to trust the operator. We remove even that.
Every custody record is signed and hash-linked — so an outsider can't edit history. But a permissioned operator theoretically could. So we commit the fleet's integrity fingerprint to the Bitcoin blockchain via OpenTimestamps. After a fingerprint is anchored, not even Sovereign Proof can alter earlier history without the public record disagreeing.
No coin. No gas. Just one hash — OpenTimestamps batches millions of them into a single Bitcoin transaction. The device stays fully air-gapped; a connected node publishes the fingerprint.
Three things the incumbents can't copy.
A neutral, audited, air-gapped standard — not a chipmaker's in-house tool. You can't self-certify your own trust.
| Cloud IoT Azure Sphere |
Provenance IBM · TPM |
Sovereign Proof | |
|---|---|---|---|
| Sovereignty | Cloud-dependent | Centralized ledger | Air-gapped & offline |
| Logic | Pass / fail | Static scan | Behavioral trust score |
| Anchor | Account trust | Static certificates | Signed chain + live silicon challenge |
| Rewrite resistance | Vendor-controlled | Operator-controlled | Anchored to Bitcoin — trustless |
| Key custody | Cloud-managed | Per-device, static | HSM/TPM — key never leaves the token |
| Interface | Dev console | IT dashboard | Natural-language interrogator |
A decentralized network of physical trust.
Every party that touches the hardware runs a Sentinel node and signs the events it witnesses. The more of the chain that participates, the more complete and trustworthy every device's provenance becomes — a DePIN for hardware trust.
No token required. The security comes from the cryptography, and public anchoring gives blockchain-grade immutability without it. The core standard is designed to be neutral and adopted — a referee every chipmaker and nation can trust, because you can't self-certify your own hardware.
Questions we get in every room.
How is this different from a TPM or Secure Boot?
Why won't NVIDIA just build this themselves?
Do you need the foundry or the chipmakers to cooperate?
Is this blockchain? Do you have a token?
Is our cargo history visible on the blockchain?
Does it need the cloud or internet?
What's driving urgency now?
What do I actually have to do to use it?
Is it real, or a demo?
Open the case. Scan the blade. Ask it a question.
The Sentinel runs entirely offline — the ledger, the model, and the verdict all live inside the chassis. Interrogate a verified unit, watch a compromised one indict itself, then import your own custody data and score your real supply chain in seconds.