Information Protocol

Sovereignty FAQ

Navigating the technical landscape of high-assurance data custody and architectural autonomy.

Core Principles

General Queries

Fundamental operational guidelines and legal frameworks governing the SovCore environment.

Is SovCore subject to the US CLOUD Act?

No, SovCore B.V. is a Dutch entity with complete jurisdictional immunity from the US CLOUD Act.

Our infrastructure is hosted exclusively on 100% EU-owned and operated hardware. Since we have no technical means to decrypt data, we represent a zero-exposure path for your firm’s most sensitive litigation and M&A files.Learn more about the Sovereignty Gap.

What happens if I lose my EUDI Wallet?

SovCore uses a Sharded Recovery Protocol to ensure you never lose access while maintaining Zero-Knowledge.

  • Because SovCore is a Zero-Knowledge platform, we never hold a master key to your data.
  • During setup, you distribute encrypted 'recovery fragments' to two trusted partners. To restore access, you simply recombine these fragments.What is EUDI?

Is SovCore compliant with NIS2?

Yes, SovCore is designed as a 'Security-by-Design' infrastructure aligned with NIS2 and the Dutch Cybersecurity Act.

By automating identity verification via EUDI and ensuring Zero-Knowledge storage, we significantly lower your firm's compliance reporting burden for "High-Risk" data processing.Understand NIS2 requirements.

How do you protect my data from other open tabs?

SovCore uses Cross-Origin Isolation to lock the application into a hardware-accelerated 'Digital Vault'.

Most web apps share a single process with other tabs, creating a potential 'side-channel' for data theft. Even if you have a malicious website open in another tab, it is architecturally prevented from peeking into SovCore’s memory space.

How does the 'Blinded Server' architecture work?

The SovCore server acts as a facilitator for transport and storage of encrypted blobs, but is cryptographically 'blind' to the payload.

By protocol design, the server only manages permission-based access to encrypted data packets. Since the cryptographic keys never leave your device, the server can never derive the cleartext, ensuring a zero-knowledge environment even in the event of an infrastructure breach.See Architecture Zone 2 details.

Technical Deep-Dive

EUDI Seed Orchestration

Uses SD-JWT mapping to bridge hardware-backed identity with client-side cryptographic seeds. This ensures high-assurance onboarding without exposing sensitive data to the JavaScript heap.

EXPLORE ARCHITECTURE ZONE 1

Large-File WASM Pipeline

Utilizes Transferable Objects and atomic OPFS logic to handle 50GB+ file streams. All encryption occurs in an isolated WASM runtime, bypassing traditional browser memory limits.

EXPLORE ARCHITECTURE ZONE 3

Technical Immunity

Achieved through non-custodial architecture. By protocol design, the operator has no administrative override, creating a mathematical guarantee of data integrity even under legal duress.

EXPLORE ARCHITECTURE ZONE 2

Experience Sovereign Data Custody

Launch DemoArchitecture