Sovereign runs the full DCS agent stack — 641 agents, signed receipts, cryptographic erasure — inside your own environment, under your keys. Built for governments, banks and health systems whose data can never route through an external API.
A Sovereign Pod is a complete deployment of DCS — agents, runtime, receipt chain and storage — running inside your environment. In pod mode, outbound federation is refused and every receipt stays local. Your data never crosses the boundary.
Data dots circulate inside the perimeter — the egress path to any external API stays blocked.
The same 641-agent library that powers the public Platform runs unchanged inside a Sovereign Pod. Agent-pays-agent settlement stays on-pod; fine-tuned weights you supply never leave your runtime.
Click a model from the catalog and get a sovereign endpoint in your VPC in about six minutes. Each card lists the licensing tier, hardware requirements and the receipt-chain attestation of the exact build deployed.
Catalog seeded with frontier open-weights. Each deploy emits an attestation receipt pinning the exact image, weights hash and configuration used.
Sovereign rests on the four canonical cryptographic moats — plus two pod-mode guarantees layered on top. Every one provable without taking DCS's word for anything.
Every model call emits a signed, chained receipt. The chain is the audit log — tamper-evident by construction, verifiable in the browser.
Per-tenant data keys. Erasure shreds the key — the data becomes mathematically
unreadable, with a signed erasure_complete receipt.
Every inference receipt carries kWh + CO₂ grams calculated from GPU class × duration. Aggregated on cert PDFs — with a live carbon badge on every built site.
Every output page embeds a JSON-LD provenance manifest — the same C2PA standard Adobe, Microsoft, BBC and Reuters use. Modern browsers surface a verified-content badge.
Sovereign pods cross-attest each other's receipt chain heads — quorum-certified cooperation between perimeters, without shared trust.
In pod mode outbound federation is refused. Sensitive data is processed where it lives and never transits an external network.
Sovereign is built in the open — honestly marked at every stage.
PII never crosses the pod boundary. Per-tenant data keys with cryptographic erasure — GDPR-clean by construction.
Sovereign pods cross-attest each other's receipts — proof of cooperation without shared trust.
JWT-style tokens with HMAC-SHA256 signing — operators issue scoped invites without revealing federation secrets.
Pending → provisioning → ready, advanced by a cron every five minutes — real deploy state, no placeholder.
USDC / USDFC / FIL dual-rail payment on the dispatch endpoint — compute without a SaaS contract.
Quorum voting on federation membership and policy change — the foundation is laid; the operator surface lands next.
Pre-built sovereign kits with HIPAA / SOC 2 / GDPR audit trails baked in — the receipt chain is the audit log.
A guided single-click pod deployment — planned for Q3 2026; today's deployments are founder-led.
A no-egress local receipt path — deployed, tested, gated behind an operational flag until rollout.
Some capabilities ship behind operational flags and are enabled per deployment after testing.
Most regulated organisations end up on one of four paths. Here's what each one actually gives you — honestly compared.
Drag the slider to your monthly token volume. Compare a 5-year spend against the regulated-tier public cloud.
Standard workload — public-cloud pricing as-is.
Illustrative. Public-cloud blended rates approximate regulated-tier pricing with compliance add-ons; Sovereign reflects amortised in-region GPU cost at typical utilisation. Exact figures are finalised in the infrastructure audit.
Sovereign exists for the buyers public-cloud AI cannot serve under their regulatory bar.
Government and defence workloads with data-residency mandates — the agent stack runs in-country, in-perimeter, under government keys.
Regulated financial institutions that must keep customer data inside their own controls — with a signed, auditable record of every model action.
Hospitals and health networks handling PHI — HIPAA-aligned, with one-click erasure proofs and no external data transit.
Three engagement tiers — from an audit-readiness pack to a continuous retainer. The first deployments are founder-led.
A documented, audit-ready posture for a single deployment.
A full compliance program, standards-mapped, in 90 days.
Compliance kept current as standards evolve.
A structured engagement — not a self-serve sign-up.
A 30-minute scoping call, full environment assessment and jurisdiction gap analysis. The audit fee converts to a contract deposit.
A full Sovereign Pod deployed in your environment — the real stack, your data, your perimeter — before any annual commitment.
An annual contract per environment with a 4-hour support SLA, quarterly business reviews and certification support on request.
All figures reflect the engagement structure; exact scope and pricing are finalised in the infrastructure audit.
We pursue formal certification when a specific deployment requires it. The underlying engineering — audit logs, access controls, encryption — is done up front, so certification is audit prep, not a rebuild.
Happy to share the gap analysis for your jurisdiction first. Additional frameworks — EU AI Act, ISO 42001 — are documented in the full Readiness Statement.
Real questions from real procurement conversations — answered straight.
Two things public-cloud AI can't give a regulated buyer.
Sovereign is the perimeter — these products run inside it.
The full DCS stack, inside your perimeter — start with a 30-minute scoping call.