Skip to content

Six AI workloads.
Zero plaintext.

Retrieval, agent memory, biometric search, multi-tenant isolation, cross-org similarity, and private embeddings — all running on the same encrypted index.

USE CASE / 01

RAG without plaintext in flight.

Retrieval runs entirely on ciphertext. The LLM only sees what your client decrypts; we never see anything. Provider-agnostic — pair with Anthropic, OpenAI, or your own model.

  • No plaintext in flight
  • Provider-agnostic
  • Audit-ready
  • Optional attested TEE inference
QUERY PIPELINE · CIPHERTEXT IN-FLIGHT
STAGE 01
"site policy?"
Query
STAGE 02
7AD0·369C
Encrypt
STAGE 03
E147·AD03
Top-k
STAGE 04
"with: doc-7.."
LLM prompt
CLIENTEDGECYBORGDBLLM
USE CASE / 02

Agent memory with a cryptographic audit trail.

Every retrieval an agent makes is signed and appended to a tamper-evident ledger. Different users decrypt different views of the same memory — without splitting the store.

  • Append-only signed log
  • Per-identity decryption keys
  • Replay any agent session
  • Compliance-grade evidence
SIGNED LEDGER · APPEND-ONLY
#0001 agent.researcher · retrieve · policy/2026-Q1 ✓ sealed
#0002 agent.summarizer · retrieve · minutes/board ✓ sealed
#0003 user.alice · decrypt · policy/2026-Q1 ✓ sealed
#0004 agent.draft · retrieve · contracts/acme ✓ sealed
#0005 user.bob · decrypt · contracts/acme ✓ sealed
#0006 agent.tools · retrieve · invoices/Q4 ✓ sealed
#0007 user.alice · rotate-key · policy/2026-Q1 ✓ signing…
USE CASE / 03 NEW

Biometric search on encrypted templates.

1:N identification against galleries of 100M+ subjects, sub-1Ca0ms — and no plaintext template is ever reconstituted. Compromise? Rotate the key. No re-enrollment needed.

  • 1:N on ciphertext
  • Revocable enrollments
  • BIPA / GDPR Art. 9 ready
  • Liveness-aware
1:N IDENTIFICATION · GALLERY = 10M
match
· · ·
· · ·
· · ·
· · ·
· · ·
· · ·
· · ·
· · ·
· · ·
· · ·
· · ·
USE CASE / 04

Multi-tenant search without shared keys.

Each tenant gets its own KEK. Cross-tenant queries are not possible — not because a `WHERE` clause says so, but because the keys to read them do not exist in the same place.

  • One KEK per tenant
  • No shared decrypt path
  • Per-tenant key rotation
  • Operator can't escalate
CRYPTOGRAPHIC ISOLATION · 1 KEK PER TENANT
ACME
8 vectors · sealed
GLOBEX
12 vectors · sealed
INITECH
6 vectors · sealed
UMBRELLA
10 vectors · sealed
— no shared keys · no cross-tenant decrypt path —
USE CASE / 05

Cross-org similarity without shared records.

Private set intersection on encrypted vectors. Both sides learn only the matches; no record, embedding, or identifier crosses the boundary. Useful for fraud rings, sanctions, joint diligence.

  • Encrypted PSI
  • No raw records exchanged
  • Threshold-tunable matches
  • Query audit trail
PRIVATE SET INTERSECTION
ORG A ORG B 4 MATCHES · 0 RECORDS REVEALED
USE CASE / 06

Embeddings the server never sees.

Embedding can be generated client-side or in a TEE; only ciphertext leaves your device. The index never holds a plaintext vector.

  • Client- or TEE-side embedding
  • Plaintext never egresses
  • Drop-in for OpenAI / Cohere clients
  • Same recall as plaintext
ENCRYPT-THEN-EMBED · NO PLAINTEXT EGRESS
CLIENT DEVICE CYBORGDB "PHI-1234" 9F·3A·7C ↓ embed enc-vec[768] CIPHERTEXT INDEX never decrypted