The same agent platform powering trdn.io — deployed inside your own infrastructure, your own region, your own GPUs. Every inference, every action ed25519-signed and chained on a public provenance ledger. No external API. No data egress. Built for organizations that legally cannot route data offshore and need to prove what their AI did.
Pick a model from the catalog, click deploy, get a sovereign endpoint in your VPC within ~6 minutes. Each model card includes the licensing tier, hardware requirements, and the receipt-chain attestation showing the exact build that was deployed. Catalog seeded with frontier open-weights — Llama family, Qwen, Mistral, DeepSeek, plus TRD-tuned variants.
Phase 1: catalog visible + deploy-flow scaffolded. Phase 2: one-click sovereign deploy backed by our pod federation infra (target Q3 2026). Want a model not listed? Email sovereign@trdn.io and we'll evaluate adding it.
Sovereign is not a marketing label — every byte of customer data your tenants give us is wrapped, signed, and pinned in a way that makes the word "sovereign" mathematically true, not a vendor promise. Here is what's underneath.
Every tenant gets a unique Data Encryption Key. DEKs are wrapped by a tenant-specific Key Encryption Key (KEK). Shredding the KEK shreds all data for that tenant — cryptographic erasure, GDPR-clean by construction.
Pinned via Lighthouse SDK to Filecoin. CIDs are content-addressed. Three SLA tiers — Bronze (1×, 1y), Silver (3×, 7y), Gold (5×, 99y). Replica health surfaced live in the permanence meter.
Every read, write, erasure, model call is signed at emit time and chained with prev_receipt_cid. Anyone can recompute the bytes and verify against the public key at trdn.io/keys/trd-receipt-key-2026.public.pem.
PII columns identified at write time, encrypted with the per-tenant DEK, and never leave the pod. Inference is performed against tokenized values; only the operator's own pod can decrypt.
Compute build logs, agent outputs, image bank entries auto-pinned to the same chain. Prompt → compute → SITE → artifacts — everything content-addressed on Filecoin. Federation-ready.
Customers, regulators, auditors paste a session ID. Browser validates every signature client-side against the published public key. Zero trust required in TRD servers. The trust is in math.
Six layers, every layer auditable, every action signed. The Sovereign Data Vault is what makes "Sovereign" technically provable instead of a vendor promise. Pair it with Compliance-as-a-Service for the audit-prep package.
The audit-prep work we already do for Sovereign customers — SOC 2, ISO 27001, ISO 42001, HIPAA, EU AI Act, GDPR — now available as a standalone engagement. Buy the package, get a 90-day audit-ready posture without spinning up a Big-Four contract.
Every action a TRD-Sovereign customer takes is already ed25519-signed and pinned to Filecoin. The receipt chain is the audit log — we don't have to manufacture evidence retroactively because it exists at emit time. That cuts audit-prep work for a 50-control SOC 2 from 6 weeks (typical) to 7 days (TRD baseline). The price difference between "Big Four readiness" ($60k–$120k) and the Audit-Ready Posture above ($14,900) is the moat made concrete.
Engagement requests routed to compliance@trdn.io. We respond within one business day with a scoping call invitation. Stripe checkout link goes live once SKU is provisioned — request a manual invoice in the meantime.
Federated chain-head exchange. Sovereign pods cross-attest each other's receipts — proof of cooperation without trust.
JWT-style tokens with HMAC-SHA256 signing. Operators issue scoped invites without revealing federation secrets.
USDC/USDFC/FIL dual-rail payment on the dispatch endpoint. Sovereign customers pay-as-they-compute, no SaaS contract required.
PII never crosses the pod boundary. Per-tenant DEKs + cryptographic erasure built in — GDPR-clean by construction.
Quorum voting on federation membership + policy change proposals. Foundation laid; UI surface lands next sprint.
Pre-built sovereign deployment kits with HIPAA / SOC2 / GDPR audit trails. Receipt chain doubles as the audit log.
Pending → provisioning → ready with auto-advance cron every 5 minutes. Operators see real deploy state on the model catalog, not a placeholder.
Contract 0xbDd1f5fC349D9a8EfCEb07Edbd491233b2540f5F live on Base. First mint executed. Sovereign-operator reputation now anchored on-chain alongside the receipt chain.
trd-backend-eu deployed. GHCR images public: ghcr.io/trdnetwork/{orchestrator,receipt-signer,ipfs-gateway,predictive-engine}:0.1.0 — sovereign customers can pin to EU data sovereignty.
Most AI vendors say "we're compliant." TRD Sovereign proves it on every request. The platform ships with four production-grade trust mechanisms, each independently verifiable.
Every GPU call, every site build, every owner-command emits an ed25519-signed receipt. Receipts hash-chain forward and anchor to Filecoin. Tampering is mathematically detectable. Verify any chain at api.storage.trdn.io/api/storage/receipts/<id>.
Per-tenant DEK encrypts all PII at rest. Destruction zeros the DEK — every encrypted blob becomes mathematically unrecoverable. Customer downloads a PDF Certificate of Erasure. Satisfies GDPR Article 17, CCPA §1798.105, and regulator subpoenas in under 30 seconds.
Every inference receipt carries kWh + CO₂ grams calculated from GPU class × duration. Aggregated on cert PDFs. Live carbon badge on every built site. Required reading for any organization with a public sustainability commitment.
Same standard Adobe, Microsoft, BBC, and Reuters use. Every output page embeds a JSON-LD provenance manifest. Modern browsers and verify.contentauthenticity.org surface a "verified content" badge. Disinformation resistance, built in.
Full posture documented in the EU AI Act + ISO/IEC 42001 Readiness Statement
Read the readiness statement →Sovereign customers run real-world inference on real-world models. Some have fine-tuned Llama 3 on a decade of internal medical records. Some signed multi-year licenses with Cohere or Mistral. Some have weights too sensitive to ever leave the pod. TRD Sovereign hosts all three, with the same signed-receipt + cryptographic-erasure substrate that makes Sovereign Sovereign.
Bring an HF/PyTorch checkpoint, a GGUF quantized binary, or a TensorRT-compiled engine. TRD's vLLM + TGI runners ingest it, expose an OpenAI-compatible inference endpoint, and emit signed receipts on every call. Standard formats: HuggingFace, GGUF, TensorRT-LLM, ONNX, PyTorch state_dict.
Same as BYOM, but the model file never traverses any TRD-controlled network. Weights are loaded from your storage volume directly into pod GPU memory. The runtime is fully air-gapped from inference. Even our operators cannot read the file — only the GPU sees it.
A BYOM call emits the same ed25519-signed receipt as a TRD-native call. Inference duration, token counts, GPU hardware class, and carbon footprint all chain-anchor to Filecoin. GDPR Article 17 cryptographic erasure works identically — destroy the tenant DEK and every customer prompt + completion you stored becomes mathematically unrecoverable.
Sovereign isn't just a place to host inference. It's the substrate for everything TRD builds — the same Sovereign pod that runs your AI runtime can host the 641 industry agents from TRD Pilot. WhatsApp owner agents, agent-pay-agent commerce, the architect agent that builds sites — all of it inside your data perimeter, with the same signed-receipt + GDPR-erasure substrate.
Restaurant booking agent, salon-stylist agent, visa-intake agent, healthcare-clinic agent. All 641 specialists across 87 industries run on the Sovereign pod. No traffic crosses your perimeter for agent invocations.
Agents transact via x402 micropayments without touching the public x402 network. Settlement happens against a pod-local USDC pool you control. Auditable, contained, signable receipts on both sides.
Multi-region deployments (EU + UAE, say) federate via signed chain-head attestations. Each pod is independently authoritative in its perimeter; cross-pod auditors verify the full deployment without central TRD coordination.
Bring fine-tuned Llama 3 or a licensed Mistral. Run the 641 TRD agents against it. Encrypt all receipts with a tenant-controlled DEK. Cryptographic erasure works the same way — destroy the DEK and every prompt, completion, and agent invocation is unrecoverable.
When the data is citizen records, account holders, or patient histories, "send it to OpenAI" isn't an option — it's a compliance violation. TRD Sovereign runs the entire agent stack where the data already lives. The engagement model: $5k–50k/month per deployment, scoped per environment.
Deploy in your national cloud. Citizen data stays inside the country. Air-gap-friendly — the pod runs with zero outbound dependencies beyond an optional license check. UAE government agencies are a core target.
Meet RBI, MAS, DFSA, and EU regulator requirements. Run AI inference on data you legally cannot expose to a third-party endpoint. Indian PSU banks are a primary deployment target.
HIPAA-compatible deployment. Patient records never leave your private network — inference happens inside your perimeter, not someone else's. EU healthcare systems are an active focus.
No surprise integration work, no open-ended consulting. The path from first conversation to a deployed Sovereign pod is three defined stages — and the model swap, isolation mode, and region are all your choices.
A 30-minute scoping call covers your environment, hardware, and compliance needs. If it's a fit, a paid pre-deployment infrastructure audit follows — and the fee converts to a deposit on a signed contract.
30-min call → paid audit
You fill a single config file — your domain, your model choice, your tenant isolation mode, your region. The deployment package handles the rest: backend, inference, database, monitoring, runbooks.
edit config.yaml → helm install
The full stack comes up in your Kubernetes cluster or via Docker Compose. The only outbound connection is an optional license callback — it carries a token, never data. You hold the keys.
trd-sovereign status → all green
The marketing surface, the lead pipeline, the architecture decisions, and the own-GPU inference layer are all built. Everything below is either live in production or actively in flight — tagged honestly.
The public-facing surface explaining the self-hosted proposition to enterprise prospects — backend lead-capture API, frontend content, protected-zone enforcement. Shipped May 9.
The sovereign_leads backend captures and qualifies inbound enterprise leads — validating company size, use case, and budget signals, with high-value leads routed for fast follow-up.
Six non-negotiable architecture decisions identified for any enterprise deployment — tenant isolation mode, encryption envelope at rest, append-only audit log, and the inference-router abstraction among them.
vLLM serving Qwen3-32B-FP8 — benchmarked at 1,605 tokens/second aggregate at concurrency 16. This is the layer that makes "sovereign" real: inference on hardware you control, not someone else's API.
A Qwen3-0.6B draft model proposes tokens for the 32B model to verify — 66% acceptance rate, 25%+ throughput gain. Production-grade serving, not a research demo.
The own-GPU inference layer that becomes the primary engine for Sovereign deployments. Code shipped; currently stabilizing on dedicated H200 capacity before it's the default path.
Sovereign is deliberately sequenced — the engineering for compliance is done up front, certifications are pursued only when a paying customer requires them, and multi-region automation comes once the deployment package is proven. Honest phasing, not vapor.
A focused design week to lock the six architecture decisions before any enterprise deployment is offered: tenant isolation, the encryption envelope and per-customer key management, the append-only audit log, and the inference-router abstraction with backwards compatibility.
The one-package install for enterprise customers. Docker Compose for single-server deployments, a Kubernetes Helm chart for larger ones — bundling the TRD backend, vLLM with the chosen model, self-hosted database, storage backup, monitoring stack, and ops runbooks.
For enterprises that want premium model quality but can't go fully on-prem: an Anthropic Zero Data Retention API tier, where request data is never stored. A middle path between full sovereignty and standard cloud APIs.
The first commercial Sovereign customer — target: a UAE government agency, Indian PSU bank, or EU healthcare system. Engagement model: a 30-day proof of concept, then an annual contract with deployment, training, SLA support, and quarterly reviews.
Formal certifications — pursued only after paying customers explicitly require them. The underlying engineering (audit logs, access controls, encryption) is done up front in the Phase 2 locks, so certification becomes audit prep, not a rebuild.
Scale-out for serving multiple Sovereign customers across regions. A customer signs up, picks a region, and the system provisions a pod, configures their tenant, and returns connection details — UAE, EU, India, and US targeted.
Cloud AI APIs are fast to start with. They also send your data to someone else's servers, in someone else's jurisdiction, under someone else's terms. For regulated organizations, that's not a latency tradeoff — it's a non-starter.
| Property | TRD Sovereign | OpenAI / Anthropic API | Cloud-hosted LLM (Bedrock / Vertex) |
|---|---|---|---|
| Data stays inside your perimeter | ✓ | × | ~ |
| Runs in your region / national cloud | ✓ | × | ~ |
| Air-gap-capable deployment | ✓ | × | × |
| Zero external API calls at inference | ✓ | × | × |
| You hold the model weights & keys | ✓ | × | × |
| Full agent stack — 641 agents, not just an endpoint | ✓ | × | × |
| Observability exportable to your SIEM | ✓ | × | ~ |
| No usage data retained by a vendor | ✓ | ~ | ~ |
| Predictable cost — flat monthly, no per-token metering | ✓ | × | × |
| Standard tooling (Helm / Compose) | ✓ | × | ✓ |
"~" denotes partial: some cloud-hosted LLM offerings keep data in-region but still run on vendor-controlled infrastructure under vendor terms. Sovereign removes the vendor from the data path entirely.
Sovereign isn't a per-seat SaaS — it's an infrastructure deployment. Every engagement starts with a paid audit, and the audit fee converts to a deposit on a signed contract. The figures below are the engagement structure; exact scope is finalized per environment.
A pre-deployment audit of your cluster, hardware, network topology, and compliance requirements. Not a sunk cost — the fee converts to a deposit on a signed contract.
A full Sovereign pod deployed in your environment for a 30-day proof of concept — the real stack, your data, your perimeter, before any annual commitment.
An annual contract per deployment — $60k–500k ARR depending on scale, model, and support tier. Includes the deployment, training, SLA support, and quarterly business reviews.
All figures reflect the engagement structure; exact scope and pricing are finalized in the infrastructure audit. The first deployments are founder-led.
Model your full stack. Pick GPU class, model size, monthly token volume, and utilization. The calculator shows monthly cost across OpenAI, Azure OpenAI, AWS Bedrock, and TRD Sovereign — adjusted for your workload sensitivity tier. Numbers are public list prices as of May 2026; your specific quote may vary.
Pricing baselines (May 2026 list prices):
Sensitivity tiers:
Numbers exclude one-time deployment scoping ($5-50k typical) and exclude license/support fees. Final quote may differ based on environment, GPU class, redundancy SLA, and integration scope.
We pursue formal certification when a specific deployment requires it — the engineering work (audit logs, access controls, encryption) is done up front in the Phase 2 architecture locks, so certification is audit prep, not a rebuild. We're happy to share the gap analysis for your jurisdiction first.
Need a framework not listed here? The pod's architecture — no egress, your keys, your infrastructure, your region — is designed to map cleanly onto most data-residency and sovereignty regimes. Ask us for the gap analysis for your jurisdiction.
The first step is a 30-minute call to scope your deployment. If it's a fit, we run a paid pre-deployment infrastructure audit — which converts to a deposit on a signed contract.