ENTERPRISE TRUST OPERATING PLATFORM v2

Enterprise Trust, Cryptographically Enforced.

Multi-tenant trust chains with Ed25519 signatures, tamper-evident append-only records, and policy-driven N-of-M approval quorums. Built for enterprises where trust is the product.

Ed25519 Signatures · 99.9% Uptime SLA · SOC 2 Type II Ready
TRUST CHAIN · LIVE
RECORD        STATUS    HASH          ACTION
rec_genesis   trusted   000000a3f9b   genesis
rec_4c1d      trusted   c1e02a9f3b8   contract.signed
rec_8f2a      trusted   a3f9b2c1d8e   approval.cast
✓ Chain integrity verified · 3 records · All signatures valid
Ed25519 Signatures (128-bit security level)
Every trust record is cryptographically signed with Ed25519. TweetNaCl on server, WebCrypto API in browser. Signatures are verified before any record is trusted.

Append-Only Chain (zero tamper tolerance)
Records are immutable. Each entry includes a previousHash linking to the prior record, forming a tamper-evident chain that is mathematically verifiable.

N-of-M Quorums (policy-driven approvals)
Every action can require N-of-M approvers from a defined allowlist. Records become trusted only when the quorum threshold is met.

Multi-Tenant Isolation (100% namespace isolation)
Each tenant gets isolated key, record, and approval namespaces. One cluster — unlimited tenants. RBAC enforced at every endpoint.

How It Works

Three steps to a cryptographic trust record.

From key registration to verified approval — every step is signed, chained, and auditable.

Step 01

Register Key

A tenant admin calls POST /keys to generate an Ed25519 keypair. The private key is stored securely server-side; the public key is registered for the tenant's namespace and returned for client verification.

ktl-api · step-01.json
// POST /api/v2/tenants/:tenantId/keys
{
  "name": "production-signing-key",
  "algorithm": "ed25519"
}

// Response
{
  "keyId": "key_7f3a9b2c",
  "publicKey": "MCowBQYDK2VdAyEA...",
  "tenantId": "tenant_acme",
  "createdAt": "2026-04-22T10:00:00Z"
}
Step 02

Sign & Append Record

The Trust Engine hashes the record payload (SHA-256), appends the previousHash from the chain tip, then signs the resulting hash with the tenant's Ed25519 private key. The record is atomically appended to the chain.

ktl-api · step-02.json
// POST /api/v2/tenants/:tenantId/records
{
  "keyId": "key_7f3a9b2c",
  "payload": {
    "action": "contract.approved",
    "subjectId": "contract_8819",
    "metadata": { "approvedBy": "alice@acme.com" }
  }
}

// Response — immutable chain entry
{
  "recordId": "rec_4c1d87ea",
  "hash": "a3f9b2...d7e1c4",
  "previousHash": "c1e02a...9f3b82",
  "signature": "0x4d3f...",
  "timestamp": "2026-04-22T10:01:22Z",
  "approvalStatus": "pending"
}
Step 03

Verify & Approve

Verifiers call POST /trust/verify to confirm a record's signature against the public key. Approvers cast signed votes via POST /approvals. When the policy quorum is met, the record status transitions to 'trusted'.

ktl-api · step-03.json
// POST /api/v2/tenants/:tenantId/trust/verify
{
  "recordId": "rec_4c1d87ea"
}
// → { "valid": true, "signedBy": "key_7f3a9b2c" }

// POST /api/v2/tenants/:tenantId/approvals
{
  "recordId": "rec_4c1d87ea",
  "vote": "approve",
  "approverId": "user_alice"
}

// GET /api/v2/tenants/:tenantId/approvals/rec_4c1d87ea
{
  "quorum": { "required": 2, "received": 2 },
  "status": "approved",
  "voters": ["user_alice", "user_bob"]
}

Architecture

Multi-tenant trust isolation by design.

TENANTS
  • Tenant A: keys · records · approvals (isolated namespace)
  • Tenant B: keys · records · approvals (isolated namespace)
  • Tenant C: keys · records · approvals (isolated namespace)
API LAYER
  • Trust API: Express 5 · Zod validation · JWT auth · RBAC roles
CRYPTO CORE
  • Trust Engine: Ed25519 sign/verify · Hash chaining · Quorum engine · Signature audit · TweetNaCl / WebCrypto
PERSISTENCE
  • Chain Store: PostgreSQL / Neon · append-only records
  • Key Store: Encrypted keypairs · per-tenant isolation
  • Audit Log: Webhook delivery · immutable events
CONSUMERS
  • Verifiers · Approvers · Webhooks

API Reference

REST API v2. Typed, versioned, secure.

Base: /api/v2/tenants/:tenantId/ — all endpoints require JWT auth with RBAC scope enforcement.

POST /api/v2/tenants/:tenantId/keys
REQUEST
{
  "name": "prod-key",
  "algorithm": "ed25519"
}
200 OK · application/json
RESPONSE
{
  "keyId": "key_7f3a9b2c",
  "publicKey": "MCowBQYDK2VdAyEA...",
  "tenantId": "tenant_acme",
  "createdAt": "2026-04-22T10:00:00Z",
  "status": "active"
}

Chain Integrity

Tamper-detection built into the hash chain.

Each record includes a previousHash — the hash of the record before it. Any tampering breaks the chain immediately.

RECORD ID    HASH          PREV HASH     SIG           TIME        STATUS
rec_001      000000a3f9b   (none)        0x4d3fc8...   10:00:01Z   ✓ trusted
rec_4c1d     c1e02a9f3b8   000000a3f9b   0x9e1a2b...   10:01:22Z   ✓ trusted
rec_8f2a     a3f9b2c1d8e   c1e02a9f3b8   0x7c4f1d...   10:02:10Z   ✓ trusted
rec_3d7e     9f1b4c8a2e7   a3f9b2c1d8e   0xf2e9a3...   10:03:44Z   ● pending
rec_TAMPER   XXXXXXXX!!!   BAD_HASH!!!   0xinvalid     10:04:00Z   ✗ invalid (TAMPERED)
✓ trusted — signature valid, quorum met
● pending — awaiting quorum
✗ invalid — hash mismatch detected
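
The sign-and-append step from "How It Works" and the previousHash check described in this section, as an added example that is not KTL's own code. Node's built-in crypto module stands in for TweetNaCl; the hash layout, the all-zero genesis previousHash, and every function name are assumptions.

```javascript
// Added example, not KTL's code. Node's crypto stands in for TweetNaCl.
const crypto = require("node:crypto");

const GENESIS_PREV = "0".repeat(64); // assumed previousHash of the first record

// Assumed layout: SHA-256 over previousHash, a newline, then the JSON payload.
// JSON.stringify is not canonical; a real chain needs one fixed serialization.
function recordHash(previousHash, payload) {
  return crypto.createHash("sha256")
    .update(previousHash + "\n" + JSON.stringify(payload)).digest("hex");
}

// Link to the chain tip, hash, then sign the hash with the Ed25519 private key.
function appendRecord(chain, payload, privateKey) {
  const previousHash = chain.length ? chain[chain.length - 1].hash : GENESIS_PREV;
  const hash = recordHash(previousHash, payload);
  const signature = crypto.sign(null, Buffer.from(hash, "hex"), privateKey).toString("hex");
  chain.push({ payload, previousHash, hash, signature });
  return chain[chain.length - 1];
}

// Walk from genesis and report the first record that fails a check.
function verifyChain(chain, publicKey) {
  let expectedPrev = GENESIS_PREV;
  for (let i = 0; i < chain.length; i++) {
    const r = chain[i];
    const fail = (reason) => ({ valid: false, index: i, reason });
    if (r.previousHash !== expectedPrev) return fail("previousHash mismatch");
    if (recordHash(r.previousHash, r.payload) !== r.hash) return fail("hash mismatch");
    const sig = Buffer.from(r.signature, "hex");
    if (!crypto.verify(null, Buffer.from(r.hash, "hex"), publicKey, sig)) return fail("bad signature");
    expectedPrev = r.hash;
  }
  return { valid: true, records: chain.length };
}

// Constructed sample chain using the three actions from the page's live widget.
function buildSampleChain() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const chain = [];
  for (const action of ["genesis", "contract.signed", "approval.cast"]) {
    appendRecord(chain, { action }, privateKey);
  }
  return { chain, publicKey };
}

const demo = buildSampleChain();
demo.chain[1].payload.action = "contract.voided"; // edit a stored record in place
console.log(verifyChain(demo.chain, demo.publicKey));
```

Recomputing the edited record's hash does not rescue the edit without the private key: verification then fails on the signature instead of the hash.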

Policy Engine

N-of-M quorum approvals, policy-first.

Every action in KTL can require multiple approvers from a defined allowlist. The policy engine enforces quorum before any record transitions to "trusted."

STEP 01

Define Policy

Attach an approval policy to a record type or tenant namespace. Specify N (required votes) from M (allowlist members). Policies can be per-action, per-tenant, or global.

{
  "policyId": "policy_contract_approval",
  "required": 2,
  "allowlist": [
    "user_alice",
    "user_bob",
    "user_carol"
  ],
  "action": "contract.*"
}
STEP 02

Collect Votes

Each approver in the allowlist calls POST /approvals with their vote. Every vote is signed with the approver's identity token. Votes are immutable once cast.

// Approver casts signed vote
POST /api/v2/tenants/:id/approvals
{
  "recordId":   "rec_4c1d87ea",
  "vote":        "approve",
  "approverId": "user_alice"
}

// Quorum status: 1/2 received
STEP 03

Execute

When the Nth vote is received and the quorum threshold is met, KTL atomically updates the record status to 'trusted'. Webhooks fire. The audit log entry is sealed.

// Quorum reached — record transitions
{
  "recordId":     "rec_4c1d87ea",
  "quorum":       { "required":2, "received":2 },
  "status":       "trusted",
  "trustedAt":    "2026-04-22T10:09:00Z",
  "webhookFired": true
}
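
The three policy steps above as one quorum evaluation, added here as an example and not taken from KTL. The function names, the trailing-wildcard matching rule, and the treatment of any vote other than "approve" as non-counting are assumptions; the policy object is the one shown on the page and the votes are constructed.

```javascript
// Added example, not KTL's code. Field names follow the policy JSON on the page.

// Only a trailing ".*" wildcard is assumed: "contract.*" covers "contract.signed".
function actionMatches(pattern, action) {
  if (pattern.endsWith(".*")) return action.startsWith(pattern.slice(0, -1));
  return pattern === action;
}

// Evaluate N-of-M quorum for one record; votes are processed in arrival order.
function evaluateQuorum(policy, action, votes) {
  if (!actionMatches(policy.action, action)) return { applies: false };
  const allow = new Set(policy.allowlist);
  if (!Number.isInteger(policy.required) || policy.required < 1 || policy.required > allow.size) {
    throw new Error("invalid policy: required must be an integer between 1 and M");
  }
  const counted = new Map(); // approverId -> first vote cast (votes are immutable)
  const rejected = [];
  for (const v of votes) {
    if (!allow.has(v.approverId)) rejected.push({ ...v, why: "not in allowlist" });
    else if (counted.has(v.approverId)) rejected.push({ ...v, why: "already voted" });
    else counted.set(v.approverId, v.vote);
  }
  // Assumption: only the literal vote "approve" counts toward the threshold.
  const received = [...counted.values()].filter((x) => x === "approve").length;
  const status = received >= policy.required ? "trusted" : "pending";
  return { applies: true, status, quorum: { required: policy.required, received }, rejected };
}

// Policy copied from the page; the votes below are constructed sample input.
const samplePolicy = {
  policyId: "policy_contract_approval",
  required: 2,
  allowlist: ["user_alice", "user_bob", "user_carol"],
  action: "contract.*",
};
const sampleVotes = [
  { approverId: "user_alice", vote: "approve" },
  { approverId: "user_alice", vote: "approve" },   // duplicate, must not count twice
  { approverId: "user_mallory", vote: "approve" }, // not on the allowlist
];
console.log(evaluateQuorum(samplePolicy, "contract.signed", sampleVotes).status);
console.log(evaluateQuorum(samplePolicy, "contract.signed",
  [...sampleVotes, { approverId: "user_bob", vote: "approve" }]).status);
```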

Security & Compliance

Designed for enterprises where trust is non-negotiable.

Every layer of KTL is built with security as a first-class constraint — not a compliance checkbox.

  • Ed25519: 128-bit security level
  • TweetNaCl / WebCrypto: Server + browser verified
  • SOC 2 Type II: Compliance-ready architecture
  • Zero Plaintext Storage: Hashes only — never raw secrets
  • JWT + RBAC: admin · approver · viewer
  • Tamper-Evident Chain: previousHash links enforced
TECH STACK
Node.js 20+ · TypeScript strict mode · Express 5 · Zod validation · PostgreSQL / Neon · TweetNaCl · WebCrypto API
SLA
99.9% uptime

Pricing

Start free. Scale with trust.

No per-seat pricing. No surprise overages. Pay for what your organization actually uses.

Starter · Free forever
Explore trust infrastructure
  • 1 tenant namespace
  • 1,000 records / month
  • Ed25519 key management
  • Append-only chain
  • REST API access
  • Community support
Professional (Most Popular) · $299/month
Production-ready trust operations
  • 10 tenant namespaces
  • 100K records / month
  • N-of-M approval quorums
  • Webhook delivery
  • Audit log export
  • JWT / RBAC (admin · approver · viewer)
  • Email support (8h SLA)
  • 99.9% uptime SLA
Enterprise · Custom (contact us)
Unlimited scale & compliance
  • Unlimited tenants & records
  • Dedicated key management HSM
  • SOC 2 Type II ready
  • Custom quorum policies
  • SLA 99.9% guaranteed
  • Dedicated support engineer
  • On-premises deployment option
  • Multi-region chain replication

Build on trust infrastructure your enterprise can verify.

Start with a free tenant, a single key, and your first cryptographically signed record — all in under 5 minutes.

No credit card required · First record in 5 minutes · SOC 2 Type II ready · 99.9% SLA