Architecture Walkthrough
Architectural walkthroughs of how a SerenityVault™ deployment is designed to respond. Switch between cyber attack and physical attack. Status markers (✓/◐/○) prevail.
Read this first
- →✓ Operational — running today on Hub01 (Quebec)
- →◐ In integration — target 2026 (DMCC Dubai, Paraguay base, hardware anchoring)
- →○ Roadmap — target 2027+ (Field Case™ THOR, Total Wide Web spatial layer)
- →Walkthroughs describe the architecture as designed. Hardware-anchored components (◐) ship later — software equivalents run today.
- →No real Alliance member is identified. Scenarios are credible threat models, not recorded events.
Pick a scenario
State-grade APT — supply chain compromise
A multi-jurisdictional deployment running TRINITY v7.6.5. ATHENA mans the public surface. ADELE applies 25 constitutional interdicts at every operation. State adversary initiates supply chain compromise targeting key extraction in RAM.
Reconnaissance
Pattern matching against state-grade APT signatures. Behavioural drift detected. Every observation ML-DSA-87 signed. No autonomous action — observation only, deferred to ADELE.
Honeytraps activated
Multi-layered defensive deception triggers. Decoy credentials harvested by adversary. Each interaction enriches the threat model. ADELE validates no real asset is exposed.
Attack initiated
Injection via compromised supply chain dependency. Hybrid cryptography (ML-KEM-1024 + X25519) holds — adversary cannot break the math. Pivots to RAM extraction. Hardware-anchored Zeroization (TEE/HSM, ◐) is the design defense. Software substitute runs on Hub01 today.
Detection-to-decision
ALFRED escalates. ADELE applies 25 interdicts. Rule 17 (Silent Failure), Rule 12 (Zeroization on alteration), Rule 6 (Key never materializes) all hit.
MPC fragmentation
Tri-jurisdictional MPC computes authorization across Quebec / Paraguay / Dubai. Master key never assembles — even in RAM. Compromise of any single hub yields zero recoverable material. Software MPC operational on Hub01. Hardware-anchored TEE/HSM in integration.
Vault ZK lockdown
Zero-Knowledge vault transitions to read-only. Client data remains mathematically inaccessible — including to operators themselves. Adversary now holds bytes that decrypt to nothing. Deny Value™ holds.
Hub failover
ATHENA continues responding (honest degraded-mode disclosure). Operations rebalance toward unaffected hubs. No silent failure — every transition logged.
Forensic reconstruction
Full incident reconstruction from ML-DSA-87 signed log. Cross-jurisdiction attestation. Threat indicators fed back to ALFRED. Cryptographic chain prevents log tampering.
Transparency report
Public anonymized incident summary. Aggregated indicators of compromise shared with the AI Alliance (without exposing any member's internal state).
What the adversary takes home
- →Bytes that decrypt to nothing (Vault ZK)
- →Decoy credentials with no operational value
- →An audit trail proving they were here — cryptographically signed
- →Zero recoverable key material (MPC keeps the key fragmented)
Both scenarios converge on one outcome
SerenityVault does not promise that an attack is impossible. The architecture targets a specific outcome: compromise becomes non-exploitable, visible, and economically irrational.
Why hybrid cryptography is mandatory — not optional
Pure post-quantum cryptography is mathematically young. Classical cryptography is mature but dies to quantum. Each alone leaves a window. SerenityVault therefore mandates hybrid (ML-KEM-1024 + X25519 for KEM, ML-DSA-87 for signatures) — aligned with NSA CNSA 2.0, ANSSI, BSI, and NIST recommendations through 2030. To break a session secret, the adversary must defeat post-quantum AND classical mathematics simultaneously, in real time. No single cryptanalytic breakthrough is enough.
