Skip to main content
Executive Digital Notary

Trust Architecture

Post-Quantum Document Sovereignty & Immutable Integrity Verification

Executive Digital Notary (EDN) is not a notary service. It is cryptographic infrastructure. We apply NIST-standardized Post-Quantum Cryptography (PQC) and stateless blockchain anchoring to produce an immutable, verify-anywhere record of truth that outlasts current and future computational limits.

View Architecture Diagram

The Quantum Threat to Legal Infrastructure

Traditional digital signatures rely on RSA-2048 and ECDSA algorithms. Both are mathematically vulnerable to Shor's Algorithm, executable on a sufficiently advanced quantum computer. The "Harvest Now, Decrypt Later" (HNDL) attack vector means adversaries are archiving encrypted legal documents today, with the intent to break them within the next 10–15 years.

A deed notarized in 2025 with RSA-based signatures may be cryptographically unverifiable by 2035. EDN was engineered to prevent this failure mode before it occurs.

Legacy Notarization
Signature AlgorithmRSA-2048 / ECDSA
Key StorageSoftware-based
Integrity Horizon~10 years
Quantum-ResistantNo
Data PersistenceProvider database (indefinite)
HNDL VulnerabilityYes
EDN Deep-Tech Platform
Signature AlgorithmSPHINCS+ (SLH-DSA) — NIST FIPS 205
Key StorageFIPS 140-2 Level 3 Hardware HSM
Integrity Horizon50+ years (mathematical)
Quantum-ResistantYes
Data Persistence24-hour PII purge (MHMDA compliant)
HNDL VulnerabilityMitigated

Infrastructure: The EDN Sovereign Silo

EDN does not commingle client data. Every session operates in an isolated security silo enforced by Google Cloud VPC Service Controls.

Client Session Encrypted TLS 1.3 Google Cloud VPC — Isolated Security Perimeter Cloud HSM FIPS 140-2 Level 3 SPHINCS+ Key Generation & Signing Document Processor 256-bit AES Encryption PII Extraction Hash Generation Identity Vetting Quantum-Safe Biometric Gate Zero-Trust KYC Blockchain Anchoring Ethereum Mainnet via GCP Blockchain Node Engine SHA-256 + SPHINCS+ Hash anchored on-chain Security Audit Certificate Immutable cryptographic receipt Valid 50+ years PII Purge Engine Raw PII deleted within 24 hours MHMDA Compliant

Architecture subject to ongoing security review. GCP infrastructure powered by Google Cloud HSM and Blockchain Node Engine.

Post-Quantum Cryptographic Layer: SPHINCS+ (SLH-DSA)

Every document processed through EDN receives a Secondary Post-Quantum Wrapper using the SPHINCS+ algorithm, standardized by NIST as FIPS 205 (SLH-DSA).

STATELESS HASH-BASED SECURITY

Unlike lattice-based PQC methods, SPHINCS+ requires no state management. This makes it the most robust and failure-resistant algorithm for long-term legal document integrity. There is no "state corruption" failure mode.

HARDWARE-BACKED KEY CUSTODY

Every SPHINCS+ signing key is generated inside and never leaves a Google Cloud Hardware Security Module (FIPS 140-2 Level 3). Keys are never extractable in plaintext under any operational condition.

MATHEMATICAL INTEGRITY

The security of a SPHINCS+ signature rests entirely on the collision-resistance of the underlying hash function (SHA-256 / SHAKE-256). It does not depend on the hardness of integer factorization or elliptic curve discrete logarithms — the two problems quantum computers will first break.

BLOCKCHAIN PERMANENCE

The final SPHINCS+-signed hash of every EDN document is anchored to the Ethereum Mainnet via a dedicated node maintained on GCP Blockchain Node Engine, providing 99.9% anchoring availability and full auditability without reliance on third-party RPC providers.

Compliance Architecture

SOC 2 Type 2 Alignment Designed to align with Processing Integrity standards
NIST FIPS 205 (SLH-DSA) SPHINCS+ Post-Quantum Standard
FIPS 140-2 Level 3 HSM Google Cloud Hardware Key Custody
24-Hour PII Purge MHMDA-Compliant Data Lifecycle
Ethereum Mainnet Anchoring Immutable 50+ Year Audit Trail
Zero-Trust Identity Vetting Quantum-Safe Biometric Gate

EDN is designed to align with SOC 2 Type 2 Processing Integrity standards and Washington MHMDA compliance. Authorized Sub-Processors include: Google Cloud Platform (HSM, Blockchain Node Engine, VPC), Paubox (encrypted communications), Stripe (payment processing), Neon (database infrastructure), and PROOF/Notarize.com (RON session platform).

EDN utilizes public blockchain networks strictly as a neutral, non-custodial decentralized timestamping mechanism. The platform anchors document cryptographic hashes to achieve independent tamper-evidence; EDN does not facilitate, custody, or manage digital financial assets, tokens, or smart-contract-based securities.

Developer Platform — Coming Soon

EDN is building a developer-first API layer that will allow title companies, FinTech platforms, DAOs, and legal tech integrators to programmatically submit documents for PQC-secured notarization and blockchain anchoring.

The EDN Platform API will provide endpoints for:

  • Secure document submission and hash generation
  • SPHINCS+ signature verification
  • Blockchain anchor lookup and certificate retrieval
  • Biometric-gated session initiation (OAuth 2.0 / PKCE)
  • Webhook callbacks for session completion and audit events
Join the API Beta Waitlist