ArcaKey Sovereign · By Application

Dedicated TEE infrastructure
for organizations that need more.

Sovereign is the tier with single-tenant infrastructure, custom compliance posture, country-specific data residency, per-tenant branding, and a custom MSA. From $10,000/mo, with annual minimums and a 60-day TFC clause.

Open a Sovereign conversationArchitecture overview
When Sovereign is the right tier

Four scenarios we hear most often.

If your requirement is more capability or more headroom, Pro Suite or Executive is the right tier. Sovereign is for organizations whose requirement is dedicated infrastructure, custom compliance, or jurisdiction-specific data placement.

Healthcare

Regulated provider with custom data residency

A multi-state health system or specialty hospital that needs HIPAA + state-specific residency for PHI, with a Phala-direct BAA in place and inference confined to a dedicated TEE pool that no other tenant shares.

Financial services

Firm needing FedRAMP-equivalent posture

An RIA, family office, or boutique investment bank whose internal control attestation requires single-tenant infrastructure, signed audit export at engagement granularity, and a custom MSA reviewed by external counsel.

Public sector

Government or agency with IRAP, ITAR, or equivalent

A Canadian crown agency, Australian department, or U.S. state agency requiring data residency in a specific jurisdiction, dedicated infrastructure provable by attestation, and procurement-friendly contracting.

Multi-jurisdictional

Cross-border firm with country-specific placement

A law firm or consultancy with offices in multiple jurisdictions where matters must remain within national borders — Canada-only, EU-only, UK-only — with per-region key custody and per-region attestation reports.

What's included

Sovereign in full.

Sovereign is everything in Executive, plus the items below. The cryptographic floor — post-quantum transport, AES-256-GCM at rest, TEE-isolated inference, signed audit log, response signature verification — is identical to every paid tier. The differentiation is dedication, jurisdiction, and contract.

  • Single-tenant TEE deployment
    A dedicated GCP A3 Confidential Computing pool, provisioned per client. No shared compute path. Attestation reports identify your pool by name in the signed audit log.
  • Custom compliance posture
    FedRAMP-equivalent control mapping, IRAP, country-specific residency, sector-specific certifications. We map controls to your audit framework rather than asking you to map to ours.
  • Per-tenant branding
    The vault interface, attestation seal, and statement-of-fees can carry your organization's wordmark and palette. The cryptographic floor is identical; the surface is yours.
  • Country-specific data residency
    Pin saved data to Canada (northamerica-northeast1), the EU, the UK, or other supported regions. Encryption keys remain region-isolated; cross-region replication is opt-in.
  • Custom MSA
    Standard ArcaKey terms are not the starting point. We negotiate from your paper, with annual minimums, a 60-day TFC clause, and counsel-to-counsel review.
  • White-glove onboarding
    A named engagement engineer, a 90-day onboarding plan, custom Knowledge Pack tuning, and integration support for your identity provider, audit pipeline, and existing security tooling.
  • 4-hour response SLA · named contact
    Sovereign customers reach a named contact directly. Response within four business hours, resolution targets per the MSA. No tier-shared queue.

Architecture, briefly.

Every ArcaKey tier runs inference inside a hardware-attested Trusted Execution Environment — Intel TDX + NVIDIA H100 Confidential Computing. In Pro Suite and Executive, sessions land in a shared TEE pool — isolated cryptographically but co-resident operationally. In Sovereign, your organization receives a dedicated GCP A3 CC pool that no other tenant shares, with attestation reports that name your pool in the signed audit log.

Encryption keys for Sovereign deployments are region-isolated and, on request, client-controlled. The end-to-end-to-enclave key exchange — meaning the application server is cryptographically excluded from the plaintext path — is live on Sovereign today. ArcaKey cannot read Sovereign content by construction, not by policy.

For the full technical surface, see the Architecture Paper and /organizations for the deployment overview.

Pricing & contract

From $10,000 per month.

Sovereign is contracted per engagement. Annual minimums apply, with a 60-day Termination for Convenience clause. Custom MSA, DPA, and BAA terms are negotiated from your paper. Initial scoping conversations take roughly 30 minutes; a written proposal follows within five business days.

Open a Sovereign conversation.

Tell us what you’re trying to solve. We’ll respond within one business day with a scoping call or a clear referral to the tier that fits.

Apply for SovereignOther ways to reach us
ArcaKey Sovereign — Dedicated TEE Infrastructure