Home  /  Products  /  Sovereign

🏛 Self-hosted AI infrastructure

Your weights. Your perimeter. Our trust substrate.

Sovereign runs the full DCS agent stack — 641 agents, signed receipts, cryptographic erasure — inside your own environment, under your keys. Built for governments, banks and health systems whose data can never route through an external API.

EGRESS BLOCKED Air-gapped On-prem Zero egress
The Sovereign Pod

The whole stack, behind your own perimeter.

A Sovereign Pod is a complete deployment of DCS — agents, runtime, receipt chain and storage — running inside your environment. In pod mode, outbound federation is refused and every receipt stays local. Your data never crosses the boundary.

  • Air-gapped, no-egress — PII never leaves the pod
  • Runs on your own GPUs, in your own region
  • The receipt chain doubles as your audit log
Your perimeter
🧮
Weights
🤖
641 Agents
🧾
Receipts
🗃
Storage
External API

Data dots circulate inside the perimeter — the egress path to any external API stays blocked.

641 industry agents — local

Run the entire agent fleet inside your perimeter.

The same 641-agent library that powers the public Platform runs unchanged inside a Sovereign Pod. Agent-pays-agent settlement stays on-pod; fine-tuned weights you supply never leave your runtime.

  • Your fine-tuned weights, the DCS runtime — for weights that can never leave
  • Agent-pay-agent economy settles entirely on-pod
  • Same receipts, same one-click erasure as the public products
pod.config.tsSovereign · pod mode
export const pod = { mode: "sovereign", egress: "refused", // no outbound agents: 641, weights: "customer-supplied", receipts: "local-only", keys: "customer-managed", };
Pod sealed — 641 agents live, 0 bytes egressed
Curated model catalog

Pick a model. One-click sovereign deploy.

Click a model from the catalog and get a sovereign endpoint in your VPC in about six minutes. Each card lists the licensing tier, hardware requirements and the receipt-chain attestation of the exact build deployed.

qwen3-32b-fp8
DCS's default sovereign weights — served via vLLM.
Params32B (FP8)
Hardware1× H100 80GB
LicenseApache 2.0
deploying — endpoint live in 5m 47s
llama-3-70b-instruct
Frontier open-weights — Meta Llama family.
Params70B
Hardware2× H100 80GB
LicenseLlama Community
mistral-large-2
Reasoning + multi-lingual — Mistral AI.
Params123B
Hardware4× H100 80GB
LicenseMRL (research)
deepseek-v3
Cost-efficient frontier reasoning — DeepSeek.
Params671B (MoE)
Hardware8× H100 80GB
LicenseDeepSeek
qwen2.5-72b-instruct
Multi-lingual, 128k context — Alibaba.
Params72B
Hardware2× H100 80GB
LicenseTongyi Qianwen
dcs-tuned · vertical
DCS fine-tunes for a target vertical — healthcare, finance, legal.
BaseLlama / Qwen
Hardwarematches base
Licensecustomer-owned

Catalog seeded with frontier open-weights. Each deploy emits an attestation receipt pinning the exact image, weights hash and configuration used.

Six cryptographic guarantees

Trust that doesn't depend on trusting us

Sovereign rests on the four canonical cryptographic moats — plus two pod-mode guarantees layered on top. Every one provable without taking DCS's word for anything.

🧾
01 · SIGNED RECEIPTS

Receipts on every inference

Every model call emits a signed, chained receipt. The chain is the audit log — tamper-evident by construction, verifiable in the browser.

🗑
02 · CRYPTOGRAPHIC ERASURE

GDPR Article 17, in one click

Per-tenant data keys. Erasure shreds the key — the data becomes mathematically unreadable, with a signed erasure_complete receipt.

03 · ENERGY FOOTPRINT

kWh and CO₂ per request

Every inference receipt carries kWh + CO₂ grams calculated from GPU class × duration. Aggregated on cert PDFs — with a live carbon badge on every built site.

🌐
04 · C2PA VERIFICATION

Browser-visible content credentials

Every output page embeds a JSON-LD provenance manifest — the same C2PA standard Adobe, Microsoft, BBC and Reuters use. Modern browsers surface a verified-content badge.

🔗
05 · FEDERATION

Pods attest each other's chains

Sovereign pods cross-attest each other's receipt chain heads — quorum-certified cooperation between perimeters, without shared trust.

🔒
06 · NO-EGRESS POD MODE

PII never crosses the boundary

In pod mode outbound federation is refused. Sensitive data is processed where it lives and never transits an external network.

A foundation that's real today

What's live, what's in-flight, what's next

Sovereign is built in the open — honestly marked at every stage.

Live

PII pod boundary + per-tenant DEKs

PII never crosses the pod boundary. Per-tenant data keys with cryptographic erasure — GDPR-clean by construction.

Live

Federated chain-head exchange

Sovereign pods cross-attest each other's receipts — proof of cooperation without shared trust.

Live

Federation invite tokens

JWT-style tokens with HMAC-SHA256 signing — operators issue scoped invites without revealing federation secrets.

In-flight

Model catalog auto-advance

Pending → provisioning → ready, advanced by a cron every five minutes — real deploy state, no placeholder.

In-flight

Pay-as-you-compute

USDC / USDFC / FIL dual-rail payment on the dispatch endpoint — compute without a SaaS contract.

Next

Quorum governance UI

Quorum voting on federation membership and policy change — the foundation is laid; the operator surface lands next.

Next

Deployment kits

Pre-built sovereign kits with HIPAA / SOC 2 / GDPR audit trails baked in — the receipt chain is the audit log.

Next

One-click sovereign deploy

A guided single-click pod deployment — planned for Q3 2026; today's deployments are founder-led.

Live

Air-gapped sovereign compute

A no-egress local receipt path — deployed, tested, gated behind an operational flag until rollout.

Some capabilities ship behind operational flags and are enabled per deployment after testing.

Why DCS Sovereign outlasts the API your data can't touch

Four paths to "we need our AI under our keys"

Most regulated organisations end up on one of four paths. Here's what each one actually gives you — honestly compared.

OpenAI / Azure OpenAI

  • Data leaves your perimeter
  • Black-box vendor lock-in
  • No cryptographic receipts
  • Erasure depends on vendor SLA
  • Easiest to start

AWS Bedrock

  • Data in AWS region — trust AWS
  • Black-box model weights
  • No public verification surface
  • Regional residency available
  • BAA-ready

Roll-your-own (OSS LLM)

  • Full perimeter control
  • Build trust layer yourself
  • Maintain runtime, agents, receipts
  • Compliance work is on you
  • 12-18 months engineering

DCS Sovereign

  • Full perimeter control
  • Signed receipts on every call
  • One-click GDPR Art 17 erasure
  • 641 agents + runtime included
  • Pod live in ~6 minutes
Total cost of sovereignty

What does cryptographic sovereignty actually cost?

Drag the slider to your monthly token volume. Compare a 5-year spend against the regulated-tier public cloud.

Sensitivity tier
120M / mo

Standard workload — public-cloud pricing as-is.

Azure OpenAIregulated tier
5-year
AWS BedrockClaude Sonnet
5-year
DCS Sovereignself-hosted pod
5-year

Illustrative. Public-cloud blended rates approximate regulated-tier pricing with compliance add-ons; Sovereign reflects amortised in-region GPU cost at typical utilisation. Exact figures are finalised in the infrastructure audit.

Who it's for

Built for organizations whose data can't leave

Sovereign exists for the buyers public-cloud AI cannot serve under their regulatory bar.

🏛

Public sector

Government and defence workloads with data-residency mandates — the agent stack runs in-country, in-perimeter, under government keys.

🏦

Banks & insurers

Regulated financial institutions that must keep customer data inside their own controls — with a signed, auditable record of every model action.

🏥

Health systems

Hospitals and health networks handling PHI — HIPAA-aligned, with one-click erasure proofs and no external data transit.

Compliance-as-a-Service

Priced per deployment, scoped to your environment

Three engagement tiers — from an audit-readiness pack to a continuous retainer. The first deployments are founder-led.

ONE-TIME

Audit Readiness Pack

$4,900

A documented, audit-ready posture for a single deployment.

  • HIPAA technical-safeguards review (if applicable)
  • GDPR Art. 17 / 20 erasure proofs via signed receipts
  • Asset inventory + data-flow diagram
  • One follow-up Q&A session
RETAINER

Continuous Compliance Retainer

$1,900 / mo

Compliance kept current as standards evolve.

  • Quarterly control re-review
  • Receipt-chain audit report, auto-generated monthly
  • Vendor risk re-assessment
  • Policy refresh as EU AI Act / ISO 42001 evolve
  • Incident-response standby — 1-business-day SLA
  • Annual mock-audit walkthrough

From scoping call to running pod

A structured engagement — not a self-serve sign-up.

1

Infrastructure audit

A 30-minute scoping call, full environment assessment and jurisdiction gap analysis. The audit fee converts to a contract deposit.

2

30-day proof of concept

A full Sovereign Pod deployed in your environment — the real stack, your data, your perimeter — before any annual commitment.

3

Annual deployment

An annual contract per environment with a 4-hour support SLA, quarterly business reviews and certification support on request.

All figures reflect the engagement structure; exact scope and pricing are finalised in the infrastructure audit.

Certifications

Pursued per deployment, not for show

We pursue formal certification when a specific deployment requires it. The underlying engineering — audit logs, access controls, encryption — is done up front, so certification is audit prep, not a rebuild.

🔒
SOC 2 Type 2 Trust services criteria audit PURSUED ON CUSTOMER DEMAND
🔗
ISO 27001 Information security management PURSUED ON CUSTOMER DEMAND
🩺
HIPAA Health information safeguards PURSUED ON CUSTOMER DEMAND

Happy to share the gap analysis for your jurisdiction first. Additional frameworks — EU AI Act, ISO 42001 — are documented in the full Readiness Statement.

FAQ

The questions regulated buyers actually ask

Real questions from real procurement conversations — answered straight.

Does any data ever leave our environment?
No. Inference, orchestration, storage and observability all run inside your perimeter. The only outbound connection is an optional license-server callback that verifies model weights — it transmits a license token and nothing else. For fully air-gapped deployments, even that can be handled offline.
What model runs in the pod, and can we change it?
The default is Qwen3-32B-FP8 served via vLLM. The catalog also includes Llama, Mistral, DeepSeek and DCS-tuned variants. You can deploy any open-weight model or supply your own fine-tune; each deploy issues a fresh attestation receipt.
What kind of throughput should we expect?
Throughput depends on model and GPU. As a reference, Qwen3-32B-FP8 on a single H100 80GB sustains 60-90 tokens/sec at batch 1, with concurrency scaling beyond that. Real numbers from your environment land in the infrastructure audit.
How is this different from self-hosting an open-source LLM ourselves?
Self-hosting gives you the model. Sovereign gives you the agent fleet (641 industry agents), the signed-receipt chain, GDPR Art 17 erasure, the C2PA provenance layer and the compliance posture — the surrounding infrastructure that turns inference into an auditable product. That work is typically 12-18 months of engineering.
Can it run fully air-gapped?
Yes. The F2 air-gapped sovereign-compute mode and the F7 sovereign-pod mode are both deployed (flag-gated until per-deployment testing). In pod mode, outbound federation is refused and every receipt is local-only.
What does the engagement actually look like?
Three steps. (1) A 30-minute scoping call plus environment and jurisdiction-gap audit — that audit fee converts to a contract deposit. (2) A 30-day proof-of-concept pod in your environment, real stack, real data. (3) An annual contract per environment with a 4-hour SLA. Founder-led for the first cohort.
What if we want premium quality but can't go fully on-prem?
A hybrid mode runs sensitive agents inside the pod and routes non-sensitive calls to a chosen public model with the same receipt chain — lets you start with a smaller perimeter and expand as confidence grows.
What if our jurisdiction's framework isn't on your compliance list?
The underlying engineering — audit logs, encryption, access control, erasure, signed receipts — covers the controls behind most regional frameworks. The Continuous Compliance Retainer maps those controls onto your specific framework and produces the documentation.
What's the cost relative to public-cloud AI?
For typical regulated workloads, the 5-year total cost lands roughly 3-10× cheaper than equivalent regulated-tier public cloud — the TCO calculator above lets you check your own numbers. Sovereign-only workloads are sovereign-only by definition: public cloud cannot deploy under the regulatory bar.
See it in action

Inference that never leaves. Erasure that proves itself.

Two things public-cloud AI can't give a regulated buyer.

on-pod inference
$ dcs sovereign infer --model your-8b --prompt case.txt [pod] egress check — outbound refused, on-pod only [pod] running on local GPU — in-region [receipt] signed locally — chained, no transit [audit] 0 bytes left the perimeter
Inference complete — fully on-pod
gdpr article 17 erasure
$ dcs sovereign erase --tenant acme-eu [erase] locating per-tenant data key… [erase] shredding DEK — data now unreadable [receipt] erasure_complete — signed [proof] verifiable at verify.dcsai.ai
Erased — with a receipt to prove it
0 egressAir-gapped pod mode
641 agentsRun local, in-perimeter
4 moatsCryptographic guarantees
Art. 17One-click erasure proof
Your keysCustomer-managed
Works with

The rest of the platform

Sovereign is the perimeter — these products run inside it.

Bring the AI to your data.

The full DCS stack, inside your perimeter — start with a 30-minute scoping call.

Book a scoping call Calculate the cost