The runtime, by layer.
Five primitives. One sovereign runtime. Each layer takes the layer beneath as given and makes the one above smaller. This is the engineering view: what each primitive is, the problem it solves, what that means for the team building on it.
How the primitives compose.
The runtime is a stack, not a menu. The boundaries between layers are drawn deliberately. Below the line is ours to defend; above it is yours to build on.
From the top of the stack down:
- ForgeAudit: append-only audit trail. Every event below feeds in.
- ForgeObserve: Loki · Grafana · Tempo · Mimir. Sovereign LGTM workspace.
- ForgeMesh · ForgeVault: mTLS east-west. Residency bound by route. Tenant keys.
- IsoCell: hardware-isolated Firecracker microVMs. One workload, one machine.
- Bare metal in named data centres. Private optical backbone.
You build at L4. The layers beneath are ours to defend.
IsoCell
A Firecracker microVM per workload. Real kernel, real memory, real vCPUs, enforced by KVM. Container speed, virtual-machine isolation.
Shared kernels are a soft boundary. Audits ask you to argue for them. Container orchestration treats workloads as interchangeable, which is fine for retail and not survivable for clinical software.
One workload, one machine. The noisy-neighbour problem stops existing because there is no neighbour. The compliance boundary is drawn in silicon, not in policy. You deploy the same OCI image you would to any modern runtime; the shape of the machine underneath is the difference.
- 01 The workload image's SHA-256 digest is checked against its signed manifest at scheduling; a mismatch means the image never boots.
- 02 Firecracker boots a microVM with its own guest kernel.
- 03 Memory and vCPUs are pinned. No oversubscription.
- 04 The ForgeMesh interface attaches. Mesh policy is in force before the first syscall.
- 05 Boot completes in under 125 ms from cold start.
- Cold start: < 125 ms
- Memory overhead: < 5 MiB
- Isolation: KVM hardware
- Kernel: dedicated per VM
- Provenance: SHA-256 digest, signed manifest
- Image format: OCI / Firecracker
A soft boundary is a boundary you argue for in an audit. We don't have one.
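As an added illustration, not the platform's own scheduler code, here is the content check behind step 01 in Go. The manifest, blobs and digests are constructed in memory, and the type and function names (`Descriptor`, `Manifest`, `AdmitImage`, `BuildSampleImage`) are assumptions made for the example. A digest check proves the bytes are the ones the tenant pinned; proving who pinned them is the job of the signature over the manifest, which this block does not implement.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strings"
)

// Descriptor is the subset of an OCI content descriptor this check needs.
type Descriptor struct {
	MediaType string `json:"mediaType"`
	Digest    string `json:"digest"`
	Size      int64  `json:"size"`
}

// Manifest is the subset of an OCI image manifest this check needs.
type Manifest struct {
	Config Descriptor   `json:"config"`
	Layers []Descriptor `json:"layers"`
}

// Digest returns the OCI-style "sha256:<hex>" digest of a blob.
func Digest(b []byte) string {
	sum := sha256.Sum256(b)
	return "sha256:" + hex.EncodeToString(sum[:])
}

// AdmitImage is the content check run at scheduling, before a microVM boots:
// the manifest must hash to the digest the tenant pinned, and every blob the
// manifest references must exist, have the declared size, and hash to the
// digest the manifest declares. Any mismatch rejects the whole image. Who
// pinned the digest is answered by a signature over the manifest (not shown);
// this function only proves the bytes match.
func AdmitImage(pinned string, manifestBytes []byte, blobs map[string][]byte) error {
	if got := Digest(manifestBytes); got != pinned {
		return fmt.Errorf("manifest hashes to %s, pinned digest is %s", got, pinned)
	}
	var m Manifest
	if err := json.Unmarshal(manifestBytes, &m); err != nil {
		return fmt.Errorf("manifest unparseable: %w", err)
	}
	for _, d := range append([]Descriptor{m.Config}, m.Layers...) {
		if !strings.HasPrefix(d.Digest, "sha256:") {
			return fmt.Errorf("unsupported digest algorithm in %q", d.Digest)
		}
		blob, ok := blobs[d.Digest]
		if !ok {
			return fmt.Errorf("blob %s referenced by manifest is missing", d.Digest)
		}
		if int64(len(blob)) != d.Size {
			return fmt.Errorf("blob %s is %d bytes, manifest declares %d", d.Digest, len(blob), d.Size)
		}
		if got := Digest(blob); got != d.Digest {
			return fmt.Errorf("blob stored under %s actually hashes to %s", d.Digest, got)
		}
	}
	return nil
}

// SampleLayer is the constructed layer content used by BuildSampleImage.
const SampleLayer = "fake layer tarball bytes"

// BuildSampleImage constructs a minimal two-blob image in memory (constructed
// sample data, not a real container image) and returns the digest a tenant
// would pin, the manifest bytes, and the blob store keyed by digest.
func BuildSampleImage() (pinned string, manifestBytes []byte, blobs map[string][]byte) {
	config := []byte(`{"architecture":"amd64","os":"linux"}`)
	layer := []byte(SampleLayer)
	m := Manifest{
		Config: Descriptor{MediaType: "application/vnd.oci.image.config.v1+json", Digest: Digest(config), Size: int64(len(config))},
		Layers: []Descriptor{{MediaType: "application/vnd.oci.image.layer.v1.tar", Digest: Digest(layer), Size: int64(len(layer))}},
	}
	manifestBytes, _ = json.Marshal(m)
	blobs = map[string][]byte{Digest(config): config, Digest(layer): layer}
	return Digest(manifestBytes), manifestBytes, blobs
}

func main() {
	pinned, manifest, blobs := BuildSampleImage()
	fmt.Println("clean image:", AdmitImage(pinned, manifest, blobs))
	// Swap the layer for same-length content stored under the original digest.
	blobs[Digest([]byte(SampleLayer))] = []byte("fake layer tarball bytez")
	fmt.Println("tampered layer:", AdmitImage(pinned, manifest, blobs))
}
```

Run it and the clean image admits while the same-length swap of one layer is rejected, because the descriptor's digest no longer matches the stored bytes. The size check catches truncated or padded blobs cheaply before any hashing; the hash catches everything else.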
ForgeMesh
A private IPv6 mesh built on WireGuard, with policy enforced by eBPF in the Linux kernel. Mutual TLS on every hop. DNS-native service discovery.
Network policies are written once and then drift. Every drift is an audit finding waiting to happen. Most service-mesh deployments are SDK-attached sidecars that engineers forget to maintain.
Every service-to-service hop is encrypted. Every policy decision is made in the kernel, not in user space. East-west isolation is a property of the runtime, not a configuration a customer remembers to apply. Default-deny egress means data cannot leak to the public internet by accident.
- 01 Each IsoCell receives a stable IPv6 address on join.
- 02 WireGuard tunnels are established between every pair of services on demand.
- 03 eBPF programs enforce egress policy at packet level.
- 04 DNS resolves service names to their mesh IPv6 addresses, inside the same network namespace.
- 05 Mutual TLS adds workload identity on top of the WireGuard transport.
- Transport: WireGuard
- Enforcement: eBPF
- Encryption: ChaCha20-Poly1305 on the WireGuard transport · AES-256 on the mTLS layer
- Discovery: DNS-native
- Egress: default-deny
- Intra-region traffic: free (no charge)
A perimeter you didn't have to draw.
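The policy semantics described above, as an added example in Go rather than anything from the ForgeMesh code base. It evaluates the same default-deny rule table an eBPF program would carry, in user space, and adds the drift check the second paragraph argues for. The ULA prefixes, service names, rules and flows are constructed for the example.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Rule allows flows from Src to Dst on Port (0 matches any port). A flow that
// no rule matches is dropped: the mesh is default-deny, so an empty policy
// means no egress at all.
type Rule struct {
	Name string
	Src  netip.Prefix
	Dst  netip.Prefix
	Port uint16
}

// Policy is one mesh's declared egress policy, the thing that would be
// compiled into the eBPF rule table on every node.
type Policy struct {
	Rules []Rule
}

// Allows reports whether a flow is permitted and which rule decided it, so a
// dropped flow can be logged as "no rule" instead of silently vanishing.
func (p Policy) Allows(src, dst netip.Addr, port uint16) (bool, string) {
	for _, r := range p.Rules {
		if r.Src.Contains(src) && r.Dst.Contains(dst) && (r.Port == 0 || r.Port == port) {
			return true, r.Name
		}
	}
	return false, "no rule"
}

// Drift compares the declared policy with the rule set actually loaded on a
// node. Rules that should be there but are not, and rules that are there but
// nobody declared, are each a finding; the second kind is the usual one.
func Drift(declared, deployed Policy) (missing, extra []Rule) {
	key := func(r Rule) string { return fmt.Sprintf("%s>%s:%d", r.Src, r.Dst, r.Port) }
	have := map[string]bool{}
	for _, r := range deployed.Rules {
		have[key(r)] = true
	}
	want := map[string]bool{}
	for _, r := range declared.Rules {
		want[key(r)] = true
		if !have[key(r)] {
			missing = append(missing, r)
		}
	}
	for _, r := range deployed.Rules {
		if !want[key(r)] {
			extra = append(extra, r)
		}
	}
	return missing, extra
}

// Constructed mesh layout (assumption): each service owns a /64 inside the
// fd00:abcd::/48 ULA range. Nothing outside that range is on the mesh.
var (
	APIService = netip.MustParsePrefix("fd00:abcd:1::/64")
	DBService  = netip.MustParsePrefix("fd00:abcd:2::/64")
)

// DeclaredPolicy is the constructed intent: the API may reach the database on
// 5432 and nothing else. No rule mentions the internet, so there is no way to it.
var DeclaredPolicy = Policy{Rules: []Rule{
	{Name: "api-to-db", Src: APIService, Dst: DBService, Port: 5432},
}}

func main() {
	api := netip.MustParseAddr("fd00:abcd:1::10")
	flows := []struct {
		dst  netip.Addr
		port uint16
	}{
		{netip.MustParseAddr("fd00:abcd:2::10"), 5432}, // declared
		{netip.MustParseAddr("fd00:abcd:2::10"), 22},   // right host, wrong port
		{netip.MustParseAddr("fd00:abcd:3::10"), 443},  // on-mesh service nobody allowed
		{netip.MustParseAddr("2001:db8::1"), 443},      // off-mesh (documentation prefix)
	}
	for _, f := range flows {
		ok, why := DeclaredPolicy.Allows(api, f.dst, f.port)
		fmt.Printf("%s -> [%s]:%d allowed=%t (%s)\n", api, f.dst, f.port, ok, why)
	}
	// A node where someone "temporarily" opened everything by hand.
	deployed := Policy{Rules: []Rule{
		DeclaredPolicy.Rules[0],
		{Name: "debug", Src: APIService, Dst: netip.MustParsePrefix("::/0")},
	}}
	missing, extra := Drift(DeclaredPolicy, deployed)
	fmt.Printf("drift: %d missing, %d extra (%s)\n", len(missing), len(extra), extra[0].Name)
}
```

In the eBPF version the rule table is a map the program consults per packet; the drift check is what you run against that map from user space, continuously, so a rule added by hand is a finding within minutes rather than at the next audit.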
ForgeVault
Object and block storage on physical infrastructure inside a named jurisdiction. Tenant-held encryption keys. Append-only provenance log.
Residency policies are marketing claims until the route can prove them. Most cloud providers tag data with a region; the data still moves when the platform team decides it should.
Storage is bound to a jurisdiction by the physical network path, not by a label. Data cannot drift because the network route doesn't exist. Tenant keys mean even the platform operator cannot read the bytes. Right-to-be-forgotten is a primitive, not a procedure.
- 01 Object stores are deployed once per jurisdiction, not replicated globally.
- 02 Block volumes are pinned to the same physical rack as the IsoCell.
- 03 Encryption keys are held in a tenant HSM (BYOK on Pro and above).
- 04 Every write emits a signed provenance event to the audit log.
- 05 Right-to-be-forgotten is a cryptographic key destruction, not a deletion request. It erases the data only if every copy, replicas and backups included, was encrypted under the destroyed key.
- Model: object · S3-compatible
- Encryption: AES-256 at rest
- Keys: BYOK · tenant-held (Pro+)
- Residency: hardware-bound
- Object cost: $0.02 / GB-month
- Block cost: $0.15 / GB-month
Storage that cannot leave the country it's in.
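Tenant-held keys and right-to-be-forgotten as key destruction, as an added Go example that is not ForgeVault's implementation. It uses AES-256-GCM envelope encryption: each object gets its own data key, wrapped under the tenant's key. The tenant key is held in memory here where the page describes a tenant HSM (assumed to expose wrap, unwrap and destroy), and `Vault`, `Onboard`, `Put`, `Get` and `Forget` are names chosen for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// On disk: ciphertext under a per-object data key (DEK), plus that DEK wrapped
// under the tenant key (KEK). The DEK is never stored in the clear.
type storedObject struct {
	wrappedDEK []byte // nonce || AES-256-GCM(KEK, DEK)
	ciphertext []byte // nonce || AES-256-GCM(DEK, object)
}

// Vault models the storage layer. KEKs sit in a map only for this example;
// the page keeps them in a tenant-held HSM (assumed to offer wrap/unwrap/destroy).
type Vault struct {
	keks    map[string][]byte
	objects map[string]storedObject
}

func NewVault() *Vault { return &Vault{keks: map[string][]byte{}, objects: map[string]storedObject{}} }

// mustRandom panics if the CSPRNG fails: never fall back for key material.
func mustRandom(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// aead builds AES-256-GCM; a bad key length is a programming error, so panic.
func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return gcm
}

// seal returns nonce || ciphertext; open reverses it and fails on a wrong key
// or any modified byte, which is what makes the wrapped DEK tamper-evident.
func seal(key, plaintext []byte) []byte {
	gcm := aead(key)
	nonce := mustRandom(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

func open(key, sealed []byte) ([]byte, error) {
	gcm := aead(key)
	if len(sealed) < gcm.NonceSize() {
		return nil, fmt.Errorf("sealed blob too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

// Onboard issues a fresh 256-bit KEK for a tenant.
func (v *Vault) Onboard(tenant string) { v.keks[tenant] = mustRandom(32) }

// Put encrypts the object under a fresh DEK and wraps that DEK under the KEK.
func (v *Vault) Put(tenant, name string, plaintext []byte) error {
	kek, ok := v.keks[tenant]
	if !ok {
		return fmt.Errorf("tenant %s has no key", tenant)
	}
	dek := mustRandom(32)
	v.objects[tenant+"/"+name] = storedObject{wrappedDEK: seal(kek, dek), ciphertext: seal(dek, plaintext)}
	return nil
}

// Get unwraps the DEK with the tenant KEK, then decrypts the object.
func (v *Vault) Get(tenant, name string) ([]byte, error) {
	obj, ok := v.objects[tenant+"/"+name]
	if !ok {
		return nil, fmt.Errorf("object %s/%s not found", tenant, name)
	}
	kek, ok := v.keks[tenant]
	if !ok {
		return nil, fmt.Errorf("tenant %s key destroyed: object unrecoverable", tenant)
	}
	dek, err := open(kek, obj.wrappedDEK)
	if err != nil {
		return nil, err
	}
	return open(dek, obj.ciphertext)
}

// Count is how many ciphertext blobs are on disk, readable or not.
func (v *Vault) Count() int { return len(v.objects) }

// Forget is right-to-be-forgotten as key destruction: zero and drop the KEK,
// and every DEK wrapped under it, hence every object, is unreadable at once.
// The ciphertext is left on disk on purpose: it is now noise to everyone.
func (v *Vault) Forget(tenant string) {
	if kek, ok := v.keks[tenant]; ok {
		for i := range kek {
			kek[i] = 0
		}
		delete(v.keks, tenant)
	}
}
```

The caveat that matters in practice: key destruction only erases what was encrypted under that key. Replicas, backups, caches and search indexes that hold plaintext or an unwrapped DEK survive it, so the guarantee holds only if every copy went through `Put` or its equivalent. The audit events recording that the object existed survive by design.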
ForgeObserve
A sovereign LGTM stack: Loki, Grafana, Tempo, Mimir. Beyla emits RED metrics from the kernel via eBPF. Pre-built healthcare dashboards.
Generic observability platforms ship telemetry to a third-party vendor by default. Once data leaves the perimeter, the sovereign claim is fiction. Coverage drifts because instrumentation requires per-service SDK work.
Telemetry never leaves the perimeter. The auditor and the SRE query the same workspace. Beyla taps every workload via eBPF at boot, so coverage is a runtime property, not a discipline you maintain. The dashboards arrive shaped for DICOM, HL7/FHIR, PACS and clinical AI, not for ecommerce.
- 01 Beyla attaches to each IsoCell at workload start; no code changes required.
- 02 RED metrics (rate, errors, duration) emit to Mimir.
- 03 Traces emit to Tempo, with spans captured by eBPF rather than by application code.
- 04 Logs land in Loki, compliance-tagged at ingest.
- 05 Grafana queries across all four LGTM components via shared labels.
- Stack: Loki · Grafana · Tempo · Mimir
- Instrumentation: Beyla / eBPF
- Retention: up to 13 months
- Auth: SSO · SAML · OIDC
- Export: on-demand · SIEM
- Egress: none
Evidence as a side-effect of how the workload runs.
ForgeAudit
An append-only audit log of every workload event, configuration change, and region action. Signed manifests. On-demand evidence export.
BAAs are usually negotiated, then the architecture is asked to live up to the document. Audit trails are usually assembled in the week before the auditor arrives, not produced continuously.
The BAA is a description of how the runtime already behaves. Audit evidence is produced as a property of every layer below, not as a separate process you run before an audit. When the auditor asks a question, the answer is a query, not a project.
- 01 Every IsoCell start, stop and config change emits an audit event.
- 02 Events are signed with the platform's signing key; the matching public key is what an auditor uses to verify an export.
- 03 The log is append-only and cryptographically chained, so an altered, reordered or removed event breaks the chain after it.
- 04 Retention is 13 months by default, custom on Enterprise.
- 05 Export is SIEM-compatible and tenant-scoped.
- Log model: append-only
- Retention: 13 months · custom (Ent)
- Export: on-demand · SIEM
- BAA: included on Pro / Enterprise
- DPA: available across EU regions
- Audit cadence: continuous
Audit-ready isn't a project. It's the default state.
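The append-only, chained and signed log as an added Go example, not ForgeAudit's code. Each event's hash covers its sequence number, the previous hash and the payload; the platform signs that hash with Ed25519; whoever receives an export verifies the whole chain with only the public key. The event payloads and the in-memory signing key are constructed for the example, and `Log`, `Append`, `Export` and `Verify` are names chosen for it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Event is one entry in the log. Hash covers the sequence number, the previous
// entry's hash and the payload, so an entry cannot be altered, reordered or
// removed from the middle without breaking every hash after it. Sig is the
// platform's Ed25519 signature over Hash.
type Event struct {
	Seq     uint64
	Prev    string // hex hash of the previous event, "" for the first
	Payload string
	Hash    string
	Sig     []byte
}

// Log is the chain plus the platform signing key. The key is generated in
// memory for the example; the page does not say where the platform keeps it.
type Log struct {
	events []Event
	priv   ed25519.PrivateKey
}

func NewLog() (*Log, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Log{priv: priv}, nil
}

// PublicKey is what a tenant or auditor needs to verify an export.
func (l *Log) PublicKey() ed25519.PublicKey {
	return l.priv.Public().(ed25519.PublicKey)
}

func eventHash(seq uint64, prev, payload string) string {
	h := sha256.New()
	fmt.Fprintf(h, "%d\n%s\n%s", seq, prev, payload)
	return hex.EncodeToString(h.Sum(nil))
}

// Append is the only write operation. There is no update and no delete.
func (l *Log) Append(payload string) Event {
	prev := ""
	if n := len(l.events); n > 0 {
		prev = l.events[n-1].Hash
	}
	e := Event{Seq: uint64(len(l.events)), Prev: prev, Payload: payload}
	e.Hash = eventHash(e.Seq, e.Prev, e.Payload)
	e.Sig = ed25519.Sign(l.priv, []byte(e.Hash))
	l.events = append(l.events, e)
	return e
}

// Export returns a copy of the chain, the shape an auditor or SIEM receives.
func (l *Log) Export() []Event {
	return append([]Event(nil), l.events...)
}

// Verify is run by whoever received an export, with only the public key. It
// recomputes every hash, checks every link and signature, and names the first
// entry where the chain breaks.
func Verify(pub ed25519.PublicKey, events []Event) error {
	if len(events) == 0 {
		return errors.New("empty export")
	}
	prev := ""
	for i, e := range events {
		if e.Seq != uint64(i) {
			return fmt.Errorf("event %d: sequence gap, entry carries seq %d", i, e.Seq)
		}
		if e.Prev != prev {
			return fmt.Errorf("event %d: prev hash does not match the entry before it", i)
		}
		if eventHash(e.Seq, e.Prev, e.Payload) != e.Hash {
			return fmt.Errorf("event %d: payload or hash altered", i)
		}
		if !ed25519.Verify(pub, []byte(e.Hash), e.Sig) {
			return fmt.Errorf("event %d: signature invalid", i)
		}
		prev = e.Hash
	}
	return nil
}
```

Two limits a practitioner should know. First, the chain detects alteration, reordering and removal from the middle, but not truncation at the tail: an export that simply stops early still verifies. Compare the last hash against one you recorded out of band (a previous export, for instance) to close that gap. Second, the signature binds the platform, not the tenant: it proves the log was not edited after signing, not that a false event was never written in the first place.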
See the runtime running.
We can show you the live stack against a sample workload, or against the shape of your own. Either way, you see it inside the perimeter.