Every device gets a hardware-anchored cryptographic identity. The key that signs those identities lives inside a tamper-proof chip that nothing — not a server, not an attacker, not us — can ever extract.
Click any block to see what it is, what it holds, and — deliberately — what it can't hold. Animated lines are live trust & data flows.
Pick any block on the map. Each one tells you what it does — and the design's whole point is what each box is not allowed to hold.
A Certificate Authority signs every device's identity. Whoever holds the CA's private key can impersonate your entire fleet. So we put it where no one can hold it.
The CA private key is generated inside a FIPS 140-2 Level 3 chip and can never be exported. Root a server, and the key is still untouchable — you can only ask the chip to sign.
A separate Hetzner box (Finland) runs the issuance service. It has the CA's public cert and a Google permission-slip to request signatures — but never the key. Firewalled so only gate1 can reach it.
Exactly one service account can use the key, with exactly one permission (signerVerifier). Your internet-facing customer box (gate1) can't sign at all.
Identity is minted at the factory — before any customer exists. Ownership is assigned later, at deployment. The device's private key never leaves its secure element.
An engineer registers a serial and issues its cert (no organization yet). The device generates its own keypair in an ATECC608B secure element and only sends out a CSR — the private key never leaves the chip.
The device ships with a QR claim token. At deployment, an org admin scans it — that assigns the device to their organisation and creates its record. Ownership is a database pointer, not baked into the device.
The device connects to the broker with its cert. The broker verifies the signature against the CA and uses the cert's Common Name as the device's identity — the CN is the serial.
Step through the exact path a signing request takes — and notice the private key never travels.
Telemetry and state are split by store and fenced by the database itself — not just by app code.
Postgres enforces tenant isolation at the row level under a non-superuser role with FORCE RLS. A missed filter in app code still can't leak another tenant's rows — the database refuses.
State (devices, orgs, assessments) in Postgres; high-volume telemetry in ClickHouse. Each query is org-scoped before any limit is applied.
Public web traffic uses free auto-renewing Let's Encrypt certs (via Caddy). Machine & device identity uses the private HSM CA. The right tool for each job.
The platform runs on a lot of secrets — database passwords, broker certificates, signing keys, API keys. Here is the full set, grouped by how it's held. Two custody models: hardware/PKI (keys that live in silicon or as issued certs) and application secrets (env values on the box, mirrored to Google Secret Manager).
.env.gate1* (mode 600 on the box) → mirrored to Google Secret ManagerEnv secrets are mirrored to Google Secret Manager only when they change (a hash-compare sync — values are never printed to logs or the terminal). Nothing secret ever lands in git.
State backs up nightly to R2. Real-device telemetry is archived to R2 as Parquet and read back and row-count-verified — a backup that's confirmed restorable, not just "the job ran."
All security infra lives in a single Google account you control. The old personal/recovery accounts and their obsolete secrets (incl. the retired OpenBao stack) were deleted — smaller surface, clearer ownership.
CRA is a whole-product regime. Strong identity is necessary but not sufficient — here's an honest scorecard.
HSM CA, per-device mTLS, CSR flow — private keys never leave the device.
Every device gets a unique cert; humans use real auth + RBAC.
mTLS everywhere for devices; TLS for web.
FIPS-L3 root, no plaintext keys on disk or in git.
Audit trail + RLS in place; monitoring still maturing.
The biggest gap. Designed (ADR-035 neighbours); a firmware project on the roadmap.
Process & paperwork — cheap, not yet done. Reporting duties bite ~Sept 2026.
Full obligations apply ~Dec 2027 — real runway.