Verifiable Encrypted Storage.
Client-side encryption with cryptographic proof of every operation. Upload, access, share, and deletion — each produces a Merkle-anchored transparency record.
Sovereign Drive encrypts in your browser with keys the server never holds. Every file operation commits a leaf to an append-only transparency log. Deletion is provable. Sharing is cryptographically bound to recipient identity.
The Stakes
Encryption protects data at rest.
Nothing proves what happened to it.
GDPR Article 17 requires erasure "without undue delay" but defines no mechanism to prove deletion occurred. India's DPDP Act mandates data principals' right to erasure, with enforcement timelines expected by 2027. California's Delete Act imposes $200/day compounding fines per unfulfilled erasure request. Cumulative GDPR fines since 2018: €5.88 billion. There is no standard technical solution for provable deletion.
DATA_DEATH: a cryptographic death certificate for files.
When a file is deleted, a DATA_DEATH leaf is committed: file ID, ciphertext hash (matching the birth certificate), deleter's fingerprint, timestamp, revoked shares. The blob is permanently removed. The per-file encryption key's salt is deleted, making re-derivation impossible. The user receives a Merkle inclusion proof — independently verifiable by any third party, including regulators.
Access logs the admin cannot edit.
Every file access commits a FILE_ACCESS leaf with the accessor's fingerprint, access type, ciphertext hash, and timestamp. Cloud admin consoles log access, but the provider controls the console and can modify the logs. Sovereign Drive's access log is independently verifiable — the same structure that secures Certificate Transparency for TLS.
Mathematical, not policy-based.
The server stores only ciphertext it cannot decrypt. Training on ciphertext is structurally impossible — a mathematical property, not a policy promise. Combined with the tamper-evident access log, any unauthorized access attempt appears as an anomalous FILE_ACCESS leaf. Cloud providers publish policies; Sovereign Drive makes the guarantee structural.
One audit query. Complete chain of custody.
Drive, Mail, and VPN Governance share the same Merkle tree. A single audit query traces: governance decision → email that communicated it → file containing the evidence → who accessed the file → when it was deleted. This cross-product provenance chain does not exist anywhere else.
01 — The Difference
Policy Statements vs. Cryptographic Proofs.
Encryption, access control, and deletion are standard capabilities. Independent verification of those operations — without trusting the infrastructure operator — is not.
| | Conventional Cloud Storage | Sovereign Drive |
|---|---|---|
| Encryption | Server-side encryption with provider-managed keys. Decryption capability retained by the infrastructure operator for indexing and compliance. | Client-side AES-256-GCM. Per-file keys derived via HKDF from a master key stored only in your browser. The server stores ciphertext it cannot decrypt. Not by policy — by math. |
| Access log | Mutable database records. Access logs stored in operator-controlled systems without independent tamper detection. | Append-only Merkle tree. Every upload, download, share, and deletion is a leaf with a hash chain to the root. Tampering breaks the tree. |
| Deletion | Confirmation message. No cryptographic proof of destruction. No independently verifiable audit trail for deletion events. | DATA_DEATH leaf proves destruction. The deletion is Merkle-anchored, timestamped, and independently verifiable. Auditors can confirm it. |
| Sharing | Link-based sharing with access control lists. No cryptographic binding between recipient identity and decryption capability. | Two modes: ECDH key wrapping (P-384) for identity-bound shares where recipients must prove key ownership, plus time-limited share links. Both modes are logged as transparency leaves. |
| Audit | Operator-managed admin console. Audit scope determined by the infrastructure provider, not by the data owner. | Transparency log with inclusion proofs. Tenant-scoped access. You audit the math, not the provider. |
02 — How It Works
Three Steps.
Three Proofs.
Every file upload produces three verifiable actions. You see each one happen in real time.
03 — Deletion as Proof
Delete Is a Governance Action.
Not a Warning Dialog.
When you delete a file in Sovereign Drive, you don't get "are you sure?" — you get a receipt. The encrypted blob is destroyed. All shares are revoked. A DATA_DEATH leaf is committed to the transparency log.
Conventional storage architectures do not produce deletion proofs because they were not designed to. Sovereign Drive was.
04 — Zero-Knowledge Sharing
Share a File Without Trusting the Server.
Sovereign Drive sharing wraps the file's encryption key to the recipient's public key using ECDH (P-384). The server transports ciphertext it cannot decrypt. Decryption capability is cryptographically bound to the intended recipient.
Sender:
1. Look up Bob's P-384 public key
2. ECDH → shared secret (384 bits)
3. HKDF-SHA-256 → AES-KW wrapping key
4. Wrap the per-file AES key
5. FILE_SHARE leaf committed

Recipient (Bob):
1. Receive wrapped key + sender fingerprint
2. Verify sender's public key fingerprint
3. ECDH reverse → same shared secret
4. AES-KW unwrap → file key
5. AES-256-GCM decrypt in browser
The server never sees the file key. It transports a wrapped key blob that is useless without Bob's private key. If the server is compromised, Eve gets ciphertext and a wrapped key she cannot unwrap.
05 — Architecture
Edge-Native.
Zero-Knowledge by Design.
Sovereign Drive is a vertical on the ObligationSign platform. Same infrastructure that governs VPN tunnels, mail delivery, and AI agent obligations.
HKDF + AES-256-GCM.
Random 256-bit master key generated and stored in your browser's IndexedDB. Per-file keys derived via HKDF with unique salts. 12-byte random IVs. Ciphertext integrity via GCM authentication tag. Key material never leaves your browser.
Merkle hash tree.
Every file operation — upload, download, share, revoke, delete — commits a leaf. Hash chain guarantees append-only ordering. Root hash published in signed tree head. Anyone can audit.
ECDH-P384 key registry.
Each user generates a P-384 key pair stored in IndexedDB. Public key registered in the Key Registry. Fingerprinted via SHA-256. Used for share-time key wrapping and recipient verification.
Distributed object storage.
Encrypted blobs in geo-distributed object storage. File metadata and access logs in key-value stores. No database servers to manage, breach, or subpoena. Data residency controlled by bucket jurisdiction.
Zero-trust gateway + JWT.
Authentication via zero-trust gateway with RS256 JWT validation. No passwords stored. No session cookies to steal. Identity is cryptographically bound to the access token.
Metered via Stripe.
Pay for what you use. Storage, operations, and shares are metered. 30-day L1 free trial. Same billing infrastructure as all ObligationSign verticals.
Business Impact
The Regulatory Reckoning for Data Lifecycle.
Article 17 requires erasure "without undue delay." DATA_DEATH leaves provide independently verifiable evidence. Respond to erasure requests with a downloadable Merkle proof, not a confirmation email. Regulators verify the proof themselves.
Compounding fines per unfulfilled erasure request. Sovereign Drive produces a cryptographic death certificate for every deleted file. The proof is generated at deletion time — no retroactive evidence gathering required.
India's Digital Personal Data Protection Act mandates the right to erasure with enforcement mechanisms expected by 2027. No standard technical solution exists for provable deletion. Sovereign Drive's DATA_DEATH + Merkle inclusion proof is a complete implementation of this requirement.
Tamper-evident access logs constitute stronger evidence than admin-console exports. FILE_ACCESS leaves are Merkle-anchored and independently verifiable. In litigation, a cryptographic proof that an access log has not been modified carries more weight than a database export signed by the party who controls the database.
Mathematical proof that stored data cannot be ingested into training pipelines. The server stores ciphertext it structurally cannot decrypt. Combined with the tamper-evident access log, Sovereign Drive provides the evidence that enterprise AI governance policies promise but cannot currently verify.
Every File Operation.
Every Proof.
Independently Verifiable.
Upload a file. Watch it encrypt in your browser, store as ciphertext, and anchor in the transparency log. Three operations, three proofs.