Platform Clearinghouse VPN Drive Cybersec Pricing
The email problem nobody solved: proving what actually happened.

Email was built in the 1970s for reliable delivery. It was never designed to verify sender identity, prove delivery, or produce tamper-evident records. SPF validates IPs, DKIM proves domains, DMARC ties them together — but none prove the individual sent the message. Encrypted providers answer "can someone read this?" but not "was it delivered?", "was it read?", or "was it deleted as requested?"

What this solves
Cryptographic sender authentication

Every message is signed with ECDSA P-384. The recipient verifies the signature against the sender's Merkle-anchored public key — not a DNS record an admin controls. This proves a message came from a specific person, not just a domain.

Provable delivery, read, and deletion

Every lifecycle event produces a Merkle leaf: MAIL_DELIVERY at send, MAIL_READ on open, MAIL_DELETE on erasure. These are leaves in an append-only hash tree — not database entries the operator can modify. No email provider produces independently verifiable lifecycle proofs.

Key substitution detection

In any E2E system, the server distributing keys can silently substitute its own. Sovereign Mail anchors every key registration in the transparency log. A substitution creates a visible, detectable event — the same principle behind Certificate Transparency for TLS, applied to email.

Structural anti-phishing

Between Sovereign Mail users, phishing is structurally impossible. A phishing email cannot carry a valid ECDSA signature because the attacker does not possess the private key. 91% of cyberattacks begin with phishing; BEC accounted for $2.9B in losses in 2023. Internal deployment eliminates the most costly vector.

Business value

Regulated enterprises: provable delivery receipts replace "the system says it was sent." GDPR compliance: MAIL_DELETE leaves provide independently verifiable evidence of data erasure. Sensitive communications: key substitution detection closes the fundamental weakness in E2E encrypted email. Anti-phishing: organizations that deploy internally eliminate intra-organizational spoofing — the most common and costly phishing vector.

Encrypted Inbox

Sent Messages

Compose Message

Show CC / BCC
Click to attach files (max 4 MB total)

Key Manager

ECDH P-384 key pairs for end-to-end encryption. Private keys never leave your browser. Public keys are registered to the key registry and anchored in the transparency log.

Contacts

Look up public keys from the key registry. Verify fingerprints and save trusted contacts.

Saved Contacts

Audit Trail

Cryptographically verifiable audit trail of all message operations. Each entry is anchored in the Merkle transparency log.

Billing & Settlement

Metered usage billing for Sovereign Mail. Same Stripe-backed billing infrastructure shared across all ObligationSign verticals.

Identity: Tenant: Tier: Subscription: Billing Cycle: Monthly, metered usage Payment Method:

System Status

Worker health and infrastructure status for Sovereign Mail services.

Mail Worker
E2E encrypted messaging, delivery proofs
Checking…
Key Registry
Public key storage, lookup, revocation
Checking…
Transparency Log
Merkle tree, STH, inclusion proofs
Checking…

Log STH

Tree Size: Root Hash:

Deployment Readiness

Pre-flight checklist for Sovereign Mail production readiness.

CF Access Identity
Infrastructure Workers
Transparency Log
Mail Key Pair
Billing Integration