FRIDAY Sovereign Intelligence is built on a sovereign mesh architecture across multiple jurisdictions, with cryptographic primitives chosen for adversarial environments. This page documents what's deployed today and what's on the certification roadmap.
All data in transit and at rest is encrypted with modern, well-vetted primitives. No proprietary cryptography.
TLS 1.3 with modern cipher suites (TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256). HSTS enforced. Let's Encrypt certificates auto-rotating.
PostgreSQL on encrypted volumes (LUKS dm-crypt). Field-level encryption for credentials and PII via AES-256-GCM. Application-layer encryption planned for classified workloads.
Internal node-to-node traffic over WireGuard VPN (10.0.0.0/24). AES-256-GCM, Curve25519 key exchange. Public internet bypass for sensitive analytical workloads.
Bond-derived AES-256-GCM for sovereign authentication (Patent B11). Causal compression (CAJUN, Patent B21) for sub-bandwidth covert channels in denied environments.
Multi-tenant isolation is enforced at the database layer. Every query is scoped to the authenticated user's tenant. Authorization is role-based and audit-logged.
Honest disclosure: MFA and federated SSO are not yet deployed. Institutional and Tier C customers receive these as part of pilot onboarding (manual provisioning during the Q3 2026 buildout).
Every administrative action on lead pipelines, account changes, and analyst queries is logged with actor, timestamp, IP, and user agent. Lead status changes and analyst notes are immutable once written. Hash-chained audit trail is on the roadmap for FedRAMP Moderate readiness.
Today: Status-change and note audit logs are live on the admin pipeline (si_lead_status_log, si_lead_notes). Q3 2026: Full tamper-evident hash-chained audit log per NIST 800-53 AU-2 / AU-9.
Production today runs on dedicated hardware in EU and US data centers (Hetzner). Two GPU compute nodes (RTX 5090, Ryzen AI MAX+ 395 with Radeon 8060S) host model inference. WireGuard mesh isolates internal traffic from public internet.
Security incidents are triaged through a 24-hour cycle: detection → containment → eradication → recovery → lessons-learned. Customer notification within 72 hours for any incident affecting customer data, in line with GDPR Article 33 and NIST 800-61.
Disclose suspected vulnerabilities to [email protected]. PGP key on request. Responsible disclosure window: 90 days.
FRIDAY Sovereign Intelligence is backed by a 290+ claim provisional patent portfolio (filed 2024-2026). Five recent filings (B41-B45) cover the architectural primitives underlying the platform:
Multi-agent strategic decision synthesis with adversarial modeling.
Self-directed exploration of analytical hypothesis space.
Sovereign world-state representation across heterogeneous signal layers.
Biomimetic agent architecture derived from cortical connectome topology.
JEPA-PAL test-time training for analytical generalization.
The B41-B45 bundle directly supports the Convergence Engine — the 10-signal-layer fusion core delivering measured 70.7% top-quartile prediction accuracy across the test corpus.
Institutional and government prospects: book a 30-minute technical demo with the founder.