<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Micky Irons</title>
    <description>The latest articles on DEV Community by Micky Irons (@mickai).</description>
    <link>https://dev.to/mickai</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3909620%2F836c63c8-56bd-4f81-b44c-5d3968713336.jpeg</url>
      <title>DEV Community: Micky Irons</title>
      <link>https://dev.to/mickai</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/mickai"/>
    <language>en</language>
    <item>
      <title>Zero Data Egress: Sovereign AI That Never Leaves Your Walls</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:40:04 +0000</pubDate>
      <link>https://dev.to/mickai/zero-data-egress-sovereign-ai-that-never-leaves-your-walls-c16</link>
      <guid>https://dev.to/mickai/zero-data-egress-sovereign-ai-that-never-leaves-your-walls-c16</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5xs99a8ja9zefbagb0ef.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5xs99a8ja9zefbagb0ef.png" alt="Zero Data Egress: Sovereign AI That Never Leaves Your Walls" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why zero data egress is now a legal requirement, not a preference
&lt;/h2&gt;

&lt;p&gt;For a growing set of regulated firms, the question is no longer whether to adopt AI. It is whether AI can be adopted at all without breaking the law. Public cloud AI assumes data can leave the building, cross a jurisdiction, and be processed on infrastructure the customer neither owns nor controls. For a bank supervised under PRA model risk expectations (SS1/23), a hospital bound by the NHS Data Security and Protection Toolkit, or a defence supplier under ITAR and EAR, that assumption is fatal. The data cannot leave. So the AI has to come to the data.&lt;/p&gt;

&lt;p&gt;We built for that constraint from the first line. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. Nothing is sent out to be scored, embedded, logged, or improved. The workload runs inside the customer's walls, and it stays there.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fje745ska14l20548pto2.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fje745ska14l20548pto2.png" alt="Zero Data Egress: Sovereign AI That Never Leaves Your Walls" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we are
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. We are not a concept, a roadmap, or a hosted service with a compliance badge bolted on. We are built and live today, installed on the customer's estate, governed by the customer, and severable from us. If we vanished tomorrow, the system would keep running and the customer could still verify every decision it had ever made.&lt;/p&gt;

&lt;p&gt;We run about fifty specialist models, twenty-five domain and twenty-five operational, with cross-model routing under a deterministic arbiter. That last point matters more than the headline count. Because routing is deterministic and arbitration is fixed, the same inputs produce the same outputs. Reproducibility is not a nice property for a regulated buyer. It is the difference between a decision you can defend to a supervisor and one you cannot.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Foj56j195h7hoceofh1zy.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Foj56j195h7hoceofh1zy.png" alt="Zero Data Egress: Sovereign AI That Never Leaves Your Walls" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Egress is the risk. So we removed it
&lt;/h2&gt;

&lt;p&gt;Most AI incidents that frighten a Chief Risk Officer are egress incidents in disguise. Data leaves the perimeter and lands somewhere it should not. It is retained, subpoenaed under the US CLOUD Act, exposed in a breach at a third party, or quietly used to train a model the customer will never see. The NIS Regulations, UK GDPR special category rules, and the EU AI Act high-risk classification all circle the same failure mode: sensitive data in motion, outside the controller's control.&lt;/p&gt;

&lt;p&gt;We close that surface entirely. There is no outbound call to a model API, no telemetry channel, no update path that phones home with customer content. When a regulator asks where the data went, the honest and provable answer is that it went nowhere. It was processed on hardware the customer owns and it never crossed the boundary. That is a far stronger position than a data processing agreement and a promise.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5z9hrezw7lvbqvn4ixqw.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5z9hrezw7lvbqvn4ixqw.png" alt="Zero Data Egress: Sovereign AI That Never Leaves Your Walls" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Open Audit Record: proof without trust
&lt;/h2&gt;

&lt;p&gt;Removing egress solves confidentiality. It does not, on its own, solve accountability. A regulator does not just want to know that the data stayed put. They want to know what the system did, when, and on what basis, and they want to check it themselves years later without taking anyone's word for it.&lt;/p&gt;

&lt;p&gt;That is what our Open Audit Record delivers. Every consequential action is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting the vendor. The record does not depend on us being alive, cooperative, or solvent. An auditor takes the chain, checks the signatures and the hashes, and confirms that nothing was altered or backdated. Trust moves from the vendor's assurances to mathematics the auditor can run on their own machine.&lt;/p&gt;

&lt;p&gt;We also offer the audit layer on its own, as OAR-as-a-Service, for organisations that want verifiable, post-quantum records over systems they already operate. The principle is the same in both forms: verification belongs to the customer and the regulator, not to us.&lt;/p&gt;

&lt;h2&gt;
  
  
  Studios: the work regulated firms actually need
&lt;/h2&gt;

&lt;p&gt;On top of the substrate we run a set of studios, each one aimed at a regulated function. The names are drawn from Greek myth; the function in every case is serious and specific. Nemesis handles fraud and anti money laundering. Plutus covers finance and FP&amp;amp;A. Tyche runs underwriting. Prometheus does forecasting. Iris handles customer service. Nomos covers compliance, Astraea covers legal, and Panacea covers clinical work. Pythia is business intelligence, Aletheia is audit, and Vinis is voice. The Agentic Marketing Team runs regulated marketing operations, and Trust Agent holds the perimeter.&lt;/p&gt;

&lt;p&gt;Each studio inherits the same guarantees as the platform beneath it. Nothing egresses. Every consequential action lands in the Open Audit Record. Outputs are reproducible under the deterministic arbiter. A compliance function does not have to reason about whether one studio is safe and another is not. The safety is a property of the substrate, and the studios sit on top of it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Pantheon: attestation across many sites, no central server
&lt;/h2&gt;

&lt;p&gt;Sovereignty for a single site is one problem. Trust across many fielded units, with no shared cloud to lean on, is a harder one. Pantheon, our post-quantum Layer 1, is on testnet and gives multi-node attestation across fielded units with no central server. Deployments can attest to one another's state and audit records without routing anything through a vendor hub. For an organisation running sovereign AI across sites, regions, or partners, that means a shared source of cryptographic truth without a shared point of failure or a shared point of leakage.&lt;/p&gt;

&lt;h2&gt;
  
  
  The intellectual property behind the boundary
&lt;/h2&gt;

&lt;p&gt;None of this is a wrapper over someone else's endpoint. The architecture is protected. We hold 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. Filing establishes priority and builds a prior-art moat around the way sovereign, verifiable, post-quantum AI is done on the customer's own hardware.&lt;/p&gt;

&lt;p&gt;For a regulated buyer, the patent position is a durability signal. The capability they are buying is defensible and is unlikely to be replicated wholesale by a fast follower. Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured, led by founder and CEO Micky Irons.&lt;/p&gt;

&lt;h2&gt;
  
  
  The market the public cloud cannot lawfully reach
&lt;/h2&gt;

&lt;p&gt;The sovereign AI market is roughly USD 40 billion in 2025, rising to about USD 148 billion by 2032. The reason is structural rather than cyclical. Around 0.85 million UK businesses, about 15 percent of the total, and roughly 5 million across the EU, legally cannot send data to public cloud AI. The drivers are named and enforceable: PRA model risk expectations (SS1/23), UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high-risk classification, ITAR and EAR, the NIS Regulations, and the US CLOUD Act.&lt;/p&gt;

&lt;p&gt;These firms are not waiting for permission to like AI. They are waiting for a way to use it lawfully. A system that runs on their own hardware, egresses nothing, and proves every action under post-quantum signatures is not a preference for them. It is the only compliant path.&lt;/p&gt;

&lt;h2&gt;
  
  
  An ally to the platforms, not a rival
&lt;/h2&gt;

&lt;p&gt;Our commercial thesis has two sides. First, we sell sovereign AI directly to regulated firms the public cloud cannot lawfully reach. Second, we license the patented stack to the platforms that want to reach those same customers and currently cannot. Our internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. To be precise about what that is: it is potential-licensee sizing, not a signed book and not an infringement claim.&lt;/p&gt;

&lt;p&gt;We are an ally to the AI majors, not an adversary. A large platform that adds a sovereign, verifiable, on premises layer instantly reaches the regulated market it is legally barred from serving today. The public cloud model and the sovereign model are not in competition. They serve different data under different laws, and one of them has been unaddressable at scale until now.&lt;/p&gt;

&lt;h2&gt;
  
  
  Where this leaves a regulated buyer
&lt;/h2&gt;

&lt;p&gt;The buyer's position is straightforward once the constraint is taken seriously. If the data cannot leave, the AI has to run where the data lives, prove what it did in a way the vendor cannot tamper with, and keep working even if the vendor does not. We built exactly that, it is live, and it is in the hands of customers today. Zero data egress is not a setting we offer. It is the shape of the whole system.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h2&gt;
  
  
  Frequently asked questions
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Does zero data egress mean the system cannot be updated?
&lt;/h3&gt;

&lt;p&gt;No. Updates are delivered without customer data ever leaving the estate. There is no channel that sends prompts, documents, or telemetry containing customer content out of the perimeter. The boundary holds for operational data at all times, and the customer controls what, if anything, is applied.&lt;/p&gt;

&lt;h3&gt;
  
  
  How can an auditor trust the record if they do not trust the vendor?
&lt;/h3&gt;

&lt;p&gt;They do not have to trust us. Every consequential action is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained into an append-only ledger. An auditor verifies the signatures and the hash chain offline, on their own hardware, for decades. Verification depends on mathematics, not on our cooperation or our continued existence.&lt;/p&gt;

&lt;h3&gt;
  
  
  Is this a research prototype or a production system?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  It is a production system, built and live today. We run about fifty specialist models under a deterministic arbiter, with reproducible outputs, on the customer's own hardware. The architecture is protected by 104 filed UK patent applications across 13 invention families, and Mickai LTD has Birmingham manufacturing secured.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/zero-data-egress" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/zero-data-egress&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>zerodataegress</category>
      <category>regulatedenterprise</category>
      <category>postquantumcryptogra</category>
    </item>
    <item>
      <title>Sovereign AI for Wealth and Asset Management</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:39:37 +0000</pubDate>
      <link>https://dev.to/mickai/sovereign-ai-for-wealth-and-asset-management-41o8</link>
      <guid>https://dev.to/mickai/sovereign-ai-for-wealth-and-asset-management-41o8</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8n1bk6gs41nyd6ud5osk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8n1bk6gs41nyd6ud5osk.png" alt="Sovereign AI for Wealth and Asset Management" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Sovereign AI for wealth and asset management
&lt;/h2&gt;

&lt;p&gt;Wealth and asset management runs on two things that public cloud AI cannot honour at once: client confidentiality and provable control. A private bank holds special category data, cross border mandates, and suitability records that regulators expect to be reconstructable years later. The prevailing answer, send the data to a hosted model and trust the provider, is exactly the answer a regulated firm cannot give. We built the alternative, and it runs today.&lt;/p&gt;

&lt;p&gt;We run about fifty specialist models, twenty five domain and twenty five operational, with cross model routing under a deterministic arbiter, so outputs are reproducible. We run them on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. For a firm whose regulator asks where client data went and who saw it, the honest answer becomes simple. It never left the building.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fm2ax1r9w8ygi70m8doxd.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fm2ax1r9w8ygi70m8doxd.png" alt="Sovereign AI for Wealth and Asset Management" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why the public cloud cannot serve this market
&lt;/h2&gt;

&lt;p&gt;This is not a preference. It is law and supervisory expectation. Around 0.85 million UK businesses, roughly fifteen percent, and about five million across the EU legally cannot send data to public cloud AI. In wealth and asset management the constraints stack. PRA model risk expectations under SS1/23 require model governance, validation, and an audit trail that a black box hosted service does not provide. UK GDPR special category data covers the client information private banks routinely process. The EU AI Act classifies creditworthiness and several advisory functions as high risk. The NIS Regulations, ITAR and EAR for cross border defence linked wealth, and the US CLOUD Act, under which a US provider can be compelled to disclose data wherever it sits, complete the picture. Each one narrows what a hosted model may lawfully touch. Together they close the door.&lt;/p&gt;

&lt;p&gt;The market reflects this. Sovereign AI is roughly forty billion US dollars in 2025, rising to about one hundred and forty eight billion by 2032. The growth is not sentiment. It is regulated demand meeting a supply that could not previously be built.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fj2tmvzf6tu2qwz56nacy.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fj2tmvzf6tu2qwz56nacy.png" alt="Sovereign AI for Wealth and Asset Management" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The audit trail regulators can verify without trusting us
&lt;/h2&gt;

&lt;p&gt;Wealth management lives or dies on the record. Suitability, best execution, conflicts, and AML decisions must be defensible long after the people involved have moved on. We built the Open Audit Record for exactly this. Every consequential action is signed under post quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. Anyone can verify it offline, for decades, without trusting the vendor. A supervisor, an auditor, or a court does not have to take our word. The record proves itself. We also offer this as OAR-as-a-Service, so the capability can sit under systems a firm already runs.&lt;/p&gt;

&lt;p&gt;Post quantum matters here more than in most sectors. Client relationships and the records that document them span decades. A signature that is sound today but breakable by a future quantum computer is not an audit trail, it is a liability with a delay on it. We signed the record against that horizon from the start.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fu5ylzhkjmj5gglcfqt2o.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fu5ylzhkjmj5gglcfqt2o.png" alt="Sovereign AI for Wealth and Asset Management" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The studios a wealth firm actually uses
&lt;/h2&gt;

&lt;p&gt;We ship capability as studios. The names are drawn from Greek myth, the functions are serious and specific to a regulated desk.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Nemesis runs fraud and AML screening across transactions and onboarding, keeping the analysis inside the firm's own perimeter.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Tyche handles underwriting and risk assessment for lending secured against managed portfolios.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Plutus supports finance and FP&amp;amp;A, including fee reconciliation and management reporting.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Prometheus produces forecasting for portfolio and liquidity planning.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Nomos and Astraea cover compliance and legal, mapping decisions to the obligations above.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Pythia delivers business intelligence, and Aletheia provides independent audit over the firm's own activity.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Iris and Vinis handle client service and voice, so relationship managers keep continuity without exporting conversations to a third party.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Trust Agent is the perimeter that holds all of this inside the customer's walls, and the Agentic Marketing Team supports regulated client communications where every claim has to be defensible. Because these studios share one substrate and one arbiter, a decision made in underwriting and a disclosure made in compliance draw on the same reproducible models and land in the same verifiable record.&lt;/p&gt;

&lt;h2&gt;
  
  
  Built, filed, and attested across nodes
&lt;/h2&gt;

&lt;p&gt;For firms operating across multiple offices or jurisdictions, Pantheon, our post quantum Layer 1, is on testnet and provides multi node attestation across fielded units with no central server. Each unit can attest to the others without a coordinating cloud, which suits a group that must keep German, Swiss, and UK operations legally distinct while sharing a common integrity standard.&lt;/p&gt;

&lt;p&gt;The intellectual position is documented. We hold 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD, named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. Filing establishes priority and a prior art moat, which is what matters when the underlying methods, sovereign routing, the deterministic arbiter, and the verifiable ledger, are the assets. Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO.&lt;/p&gt;

&lt;h2&gt;
  
  
  An ally to the platforms, not a rival
&lt;/h2&gt;

&lt;p&gt;Our thesis is a dual buyer one. We sell sovereign AI directly to regulated firms the public cloud cannot lawfully reach, and we license the patented stack to the platforms that want to reach them. Internal analysis maps 196 companies and 311 patent to company pairs as potential licensees, including Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential licensee sizing, not a signed book and not an infringement claim. A large platform that adds a sovereign, on premises, verifiable layer instantly serves the regulated wealth market it cannot serve today. We are an ally to the AI majors, not a competitor to them.&lt;/p&gt;

&lt;p&gt;For a wealth or asset manager, the calculation is direct. The advisory, screening, and reporting work that compliance currently constrains can be done with modern models, on the firm's own hardware, with a record a regulator can verify without trusting anyone. That is the capability, and the market for it is already measured in tens of billions and rising.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does client data ever leave our systems?
&lt;/h3&gt;

&lt;p&gt;No. We run on your own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no hosted inference step and no provider that could be compelled to disclose your data under a foreign statute.&lt;/p&gt;

&lt;h3&gt;
  
  
  How does an auditor verify the record?
&lt;/h3&gt;

&lt;p&gt;Every consequential action is signed under post quantum cryptography and hash chained into an append only ledger. An auditor verifies the chain offline, without any live connection to us and without trusting us, and the signatures remain sound against future quantum attack.&lt;/p&gt;

&lt;h3&gt;
  
  
  Is this a concept or is it running now?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  It is built and live today. The models, the studios, and the Open Audit Record run on customer hardware now. Pantheon, the multi node attestation layer, is on testnet, and the patent estate, 104 filed applications across 13 families, is on file.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/wealth-asset-management" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/wealth-asset-management&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>wealthmanagement</category>
      <category>assetmanagement</category>
      <category>regulatorycompliance</category>
    </item>
    <item>
      <title>The Sovereign Layer and the Market the Public Cloud Cannot Reach</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:39:12 +0000</pubDate>
      <link>https://dev.to/mickai/the-sovereign-layer-and-the-market-the-public-cloud-cannot-reach-j1c</link>
      <guid>https://dev.to/mickai/the-sovereign-layer-and-the-market-the-public-cloud-cannot-reach-j1c</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F84kym9f4xado3obxub0d.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F84kym9f4xado3obxub0d.png" alt="The Sovereign Layer and the Market the Public Cloud Cannot Reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The market the public cloud cannot lawfully reach
&lt;/h2&gt;

&lt;p&gt;Around 0.85 million UK businesses, about 15 percent of the total, legally cannot send their data to public cloud AI. Across the EU, that figure is roughly 5 million. These are not laggards waiting to modernise. They are banks, insurers, hospitals, defence suppliers and law firms bound by rules that make a public cloud round trip unlawful, uninsurable or both. The constraints are concrete: PRA model risk expectations under SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high risk classification, ITAR and EAR export controls, the NIS Regulations and the extraterritorial reach of the US CLOUD Act. Each one, on its own, is enough to keep sensitive workloads off shared infrastructure. Together they define a market that the largest AI platforms in the world are structurally unable to serve.&lt;/p&gt;

&lt;p&gt;The sovereign AI market sits at roughly USD 40 billion in 2025 and is projected to reach about USD 148 billion by 2032. We built for the part of it that no amount of cloud capacity can address, because the problem is not compute. The problem is where the data is allowed to go.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fm93wxw0bl4hmt32tko0y.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fm93wxw0bl4hmt32tko0y.png" alt="The Sovereign Layer and the Market the Public Cloud Cannot Reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we are
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no telemetry leaving the building, no model call crossing a border, no third party we ask the customer to trust with their most sensitive records. The regulated firm holds the hardware, the models and the audit trail. We are the operating system that makes them work together.&lt;/p&gt;

&lt;p&gt;This is built and live today. It is not a concept, a roadmap or a pilot waiting for a reference customer. We run about fifty specialist models, twenty five domain and twenty five operational, with cross model routing under a deterministic arbiter, so that the same input produces the same output every time. Reproducibility is not a feature we bolt on for auditors. It is the property that lets a regulated buyer put the system in front of a supervisor and defend it.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxgtblo1a89s1d0fssiz8.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxgtblo1a89s1d0fssiz8.png" alt="The Sovereign Layer and the Market the Public Cloud Cannot Reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Proof that outlives the vendor
&lt;/h2&gt;

&lt;p&gt;Every consequential action inside the system is written to the Open Audit Record. Each entry is signed under post quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. Anyone can verify that ledger offline, for decades, without trusting us and without a live connection to anything we control. If Mickai LTD ceased to exist tomorrow, the record would still stand up in a hearing. That is the standard a regulated buyer actually needs, and it is the standard almost no cloud AI product can meet, because their proof of what happened lives on the vendor's servers under the vendor's control.&lt;/p&gt;

&lt;p&gt;We offer the same mechanism on its own as OAR-as-a-Service, for firms that want verifiable, post quantum audit over systems they already run.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fgwk5etzxvdabs8symo5b.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fgwk5etzxvdabs8symo5b.png" alt="The Sovereign Layer and the Market the Public Cloud Cannot Reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The studios
&lt;/h2&gt;

&lt;p&gt;On top of the operating system we run a set of studios, each a named capability aimed at a specific regulated function. The names are drawn from Greek myth; the work is entirely serious. Nemesis handles fraud and AML. Plutus covers finance and FP&amp;amp;A. Tyche does underwriting. Prometheus runs forecasting. Iris handles customer service. Nomos covers compliance and Astraea covers legal. Panacea is clinical. Pythia is business intelligence and Aletheia is audit. Vinis is voice. The Agentic Marketing Team runs marketing operations, and Trust Agent is the perimeter that guards the whole estate. Each studio inherits the same guarantees: on device execution, deterministic routing and a signed entry in the Open Audit Record for every action that matters.&lt;/p&gt;

&lt;p&gt;Across fielded units we run Pantheon, a post quantum Layer 1 currently on testnet, which provides multi node attestation with no central server. Each deployment can prove its state to the others without any of them phoning home to us. Sovereignty at the single site becomes sovereignty across an estate, and it does so without reintroducing the central dependency the whole design exists to remove.&lt;/p&gt;

&lt;h2&gt;
  
  
  The patent position
&lt;/h2&gt;

&lt;p&gt;We hold 104 filed UK patent applications, comprising roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These applications are filed, not granted. We say so plainly, because filing is what matters at this stage: it establishes priority and builds a prior art moat around the specific architecture that makes on device, air gapped, auditable AI work. The families cover the operating system, the audit record, the routing arbiter and the attestation layer. They describe how the system is constructed, not merely what it does.&lt;/p&gt;

&lt;h2&gt;
  
  
  The dual buyer thesis
&lt;/h2&gt;

&lt;p&gt;Our commercial model has two sides that reinforce each other. First, we sell the sovereign intelligence operating system directly to the regulated firms the public cloud cannot lawfully reach. Second, we license the patented stack to the platforms that want to reach those same firms and currently cannot. A platform that adds a sovereign, on device, auditable layer instantly becomes lawful in a market it is shut out of today. The two sides are not in tension. The direct sales prove the architecture in production; the licence makes that architecture available to everyone else on terms we set.&lt;/p&gt;

&lt;p&gt;Our internal analysis maps 196 companies and 311 patent company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe and IBM. We are precise about what that is. It is potential licensee sizing based on where our filed families intersect with published architectures. It is not a signed book of business and it is not an allegation that anyone infringes anything. We are an ally to the AI majors, not an OpenAI killer. The largest platforms have the distribution and the customer relationships; we have the one thing that unlocks the regulated tier, which is a way to serve it lawfully. That is a partnership, not a war.&lt;/p&gt;

&lt;h2&gt;
  
  
  The company
&lt;/h2&gt;

&lt;p&gt;Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO. We build the operating system, the studios and the audit layer, and we manufacture the units the software runs on. That vertical control is deliberate. When the promise is that data never leaves the building, the credibility of that promise depends on owning the stack from the silicon up to the ledger.&lt;/p&gt;

&lt;p&gt;The strategic picture is straightforward. There is a large, legally defined market that the biggest AI companies cannot serve, a working operating system that serves it today, and a patent position that sits across the only route in. We built the layer that turns a regulated constraint into a served market, and we own the architecture that makes it work.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Is Mickai a live product or a roadmap?
&lt;/h3&gt;

&lt;p&gt;It is built and live today. We run about fifty specialist models on the customer's own hardware, on premises and air gapped, with a signed audit record for every consequential action. It is in production, not in concept.&lt;/p&gt;

&lt;h3&gt;
  
  
  Why can regulated firms not simply use public cloud AI?
&lt;/h3&gt;

&lt;p&gt;Rules including PRA SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high risk classification, ITAR and EAR, the NIS Regulations and the US CLOUD Act mean roughly 0.85 million UK businesses and about 5 million across the EU cannot lawfully send their data to public cloud AI. We run entirely inside their walls, so the data never leaves.&lt;/p&gt;

&lt;h3&gt;
  
  
  What do the filed patents actually protect?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  We hold 104 filed UK applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD. They are filed, not granted, which establishes priority and a prior art moat around the architecture of on device, air gapped, auditable AI, covering the operating system, the audit record, the routing arbiter and the attestation layer.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/sovereign-layer-hyperscaler-tam" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/sovereign-layer-hyperscaler-tam&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>regulatedenterprise</category>
      <category>dataresidency</category>
      <category>postquantumaudit</category>
    </item>
    <item>
      <title>Sovereign Cloud Is Not On Premises</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:38:46 +0000</pubDate>
      <link>https://dev.to/mickai/sovereign-cloud-is-not-on-premises-2f5j</link>
      <guid>https://dev.to/mickai/sovereign-cloud-is-not-on-premises-2f5j</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fg11n515axs7fg4splvj1.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fg11n515axs7fg4splvj1.png" alt="Sovereign Cloud Is Not On Premises" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The distinction regulators actually care about
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That single sentence contains the argument of this article, because it draws a line that most of the market is happy to blur. "Sovereign cloud" and "on premises" are treated as synonyms in a great deal of vendor marketing. They are not the same thing. For a regulated buyer, the gap between them is the gap between a control you can evidence and a promise you have to trust.&lt;/p&gt;

&lt;p&gt;We build for the firms that sit on the wrong side of that gap. Around 0.85 million UK businesses, roughly 15 percent of the total, and about 5 million across the EU, cannot lawfully send their data to public cloud AI. The reasons are not preferences. They are the PRA model risk expectations under SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high risk classification, ITAR and EAR, the NIS Regulations, and the US CLOUD Act. When a buyer in one of these categories asks whether "sovereign cloud" satisfies the rule, the honest answer is usually no, and the reason sits in the architecture.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Feb0kkjv9w7m3g9cd0wdj.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Feb0kkjv9w7m3g9cd0wdj.png" alt="Sovereign Cloud Is Not On Premises" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What "sovereign cloud" really means
&lt;/h2&gt;

&lt;p&gt;A sovereign cloud is, at bottom, a public cloud with a boundary drawn around it. The data may be pinned to a region. The operators may be vetted nationals. The contract may promise that no bytes leave the jurisdiction. These are real improvements over an ordinary tenancy, and for many workloads they are enough. But the model still runs on infrastructure the buyer does not own, administered by staff the buyer does not employ, under a control plane the buyer cannot inspect. The data leaves the building. Sovereignty, in this arrangement, is a legal undertaking layered on top of someone else's computer.&lt;/p&gt;

&lt;p&gt;The problem is that a legal undertaking is only as strong as the mechanism behind it, and the US CLOUD Act is a mechanism that reaches through the undertaking. A US headquartered provider can be compelled to produce data held by its foreign subsidiaries, regardless of where the servers sit or what the regional contract says. A residency clause does not survive a lawful production order. For a defence contractor bound by ITAR, or a bank whose model governance must satisfy the PRA, or an NHS trust handling special category records, "we promise it stays here" is not a control they can put in front of an examiner.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fbrw9vosavyq24pjpxm59.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fbrw9vosavyq24pjpxm59.png" alt="Sovereign Cloud Is Not On Premises" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What on premises means, done properly
&lt;/h2&gt;

&lt;p&gt;On premises, done properly, removes the promise and replaces it with a fact. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no control plane in another company's data centre, no vetted operator on the other side of a contract, no residency clause standing in for a boundary. The boundary is physical. The data does not leave because there is no path by which it could.&lt;/p&gt;

&lt;p&gt;That is the difference an examiner can test. A sovereign cloud asks the regulator to accept a chain of assurances about a system the buyer cannot see. An owned, air gapped system asks the regulator to inspect a machine that sits in the buyer's own estate. One is a matter of trust. The other is a matter of evidence. We are built for the second.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fftqma6gsyq1oaw3vjk2h.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fftqma6gsyq1oaw3vjk2h.png" alt="Sovereign Cloud Is Not On Premises" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Evidence, not assurance: the Open Audit Record
&lt;/h2&gt;

&lt;p&gt;Evidence is the word that matters, so we made it the foundation of the platform. Every consequential action the system takes is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. We call it the Open Audit Record. Anyone can verify it offline, for decades, without trusting us.&lt;/p&gt;

&lt;p&gt;That last clause is the whole point. A sovereign cloud audit log lives inside the provider's system and is validated by the provider's tooling. The Open Audit Record inverts that relationship. The record is portable, cryptographically self proving, and verifiable by a party who has no relationship with us at all. A regulator does not have to believe our attestation. They can check the maths. In a market where the entire question is whether an assurance can be trusted, we replaced the assurance with a proof.&lt;/p&gt;

&lt;h2&gt;
  
  
  How the system is built
&lt;/h2&gt;

&lt;p&gt;Underneath the audit layer, we run about fifty specialist models, 25 domain and 25 operational, with cross model routing under a deterministic arbiter. The arbiter matters for the same reason the audit record matters. Because routing is deterministic, outputs are reproducible. A regulated buyer can rerun a decision and obtain the same result, which is precisely what model risk governance requires and what a probabilistic black box cannot offer. These are our own sovereign models, running on the customer's hardware, never calling out.&lt;/p&gt;

&lt;p&gt;The work is organised into studios. The names are drawn from the Greek pantheon and the functions are entirely serious. Nemesis covers fraud and AML. Plutus handles finance and FP&amp;amp;A. Tyche runs underwriting. Prometheus does forecasting. Iris manages customer service. Nomos and Astraea cover compliance and legal. Panacea is clinical. Pythia is business intelligence and Aletheia is audit. Vinis handles voice, the Agentic Marketing Team runs marketing operations, Trust Agent is the perimeter, and we offer the Open Audit Record as a service in its own right. Across fielded units, Pantheon, our post-quantum Layer 1 currently on testnet, provides multi node attestation with no central server, so a fleet of air gapped installations can prove its integrity to itself without any of them phoning home.&lt;/p&gt;

&lt;h2&gt;
  
  
  The market, and the wedge
&lt;/h2&gt;

&lt;p&gt;The sovereign AI market is roughly USD 40 billion in 2025 and rising to about USD 148 billion by 2032. The buyers driving that growth are, definitionally, the ones the public cloud cannot lawfully reach. That is the wedge. We sell sovereign AI directly to regulated firms that the public cloud cannot serve, and we license the patented stack to the platforms that want to serve them and cannot.&lt;/p&gt;

&lt;p&gt;The intellectual property behind that position is substantial. We hold 104 filed UK patent applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted, and we are precise about that word. Filing establishes priority and builds a prior-art moat, which is exactly the asset a sovereign architecture needs in a field this contested. Internal analysis maps 196 companies and 311 patent to company pairs as potential licensees, including Microsoft, AWS, NVIDIA, Google, Adobe and IBM. That is potential-licensee sizing, not a signed book and not a claim of infringement. We are an ally to the AI majors, not a challenger to them. A platform that adds a sovereign layer reaches, at once, the regulated market it cannot serve today.&lt;/p&gt;

&lt;h2&gt;
  
  
  Where this leaves the buyer
&lt;/h2&gt;

&lt;p&gt;For the regulated buyer, the choice is not really between two products. It is between two evidentiary postures. A sovereign cloud gives you a stronger promise about a system you do not control. An owned, air gapped operating system gives you control, and then gives you a cryptographic record that turns that control into something you can hand to a regulator without commentary. We are Mickai LTD, a UK company, Companies House 17166618, with Birmingham manufacturing secured, and we built the second option because the firms we serve cannot lawfully accept the first.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn. Beyond that, the case stands on the architecture. Sovereign cloud is a boundary drawn around someone else's computer. On premises, done the way we do it, is the computer being yours, the data never leaving, and the proof being verifiable by anyone, for decades, without trusting the vendor who built it.&lt;/p&gt;

&lt;h3&gt;
  
  
  Is sovereign cloud the same as on premises?
&lt;/h3&gt;

&lt;p&gt;No. A sovereign cloud runs on a provider's infrastructure with a legal boundary drawn around it, so the data still leaves the building and residency rests on a contract. On premises, done properly, runs on the customer's own hardware, air gapped, with zero data egress, so the boundary is physical rather than contractual. Under mechanisms such as the US CLOUD Act, that distinction is the difference between a control you can evidence and a promise you have to trust.&lt;/p&gt;

&lt;h3&gt;
  
  
  Why does deterministic routing matter for regulated firms?
&lt;/h3&gt;

&lt;p&gt;Because model risk governance, including the PRA expectations under SS1/23, requires decisions to be reproducible. We run about fifty specialist models under a deterministic arbiter, so the same inputs produce the same outputs and a decision can be rerun and checked. A probabilistic system that cannot reproduce its own outputs struggles to meet that standard.&lt;/p&gt;

&lt;h3&gt;
  
  
  What makes the Open Audit Record verifiable without trusting Mickai?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  Every consequential action is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. The record is portable and self proving, so a regulator or third party can verify it offline, for decades, by checking the cryptography rather than believing an attestation from us.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/sovereign-cloud-is-not-on-prem" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/sovereign-cloud-is-not-on-prem&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>onpremises</category>
      <category>datasovereignty</category>
      <category>regulatedindustries</category>
    </item>
    <item>
      <title>The regulated market the public cloud cannot lawfully serve, and the sovereign system we built for it</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:38:22 +0000</pubDate>
      <link>https://dev.to/mickai/the-regulated-market-the-public-cloud-cannot-lawfully-serve-and-the-sovereign-system-we-built-for-pi1</link>
      <guid>https://dev.to/mickai/the-regulated-market-the-public-cloud-cannot-lawfully-serve-and-the-sovereign-system-we-built-for-pi1</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fimhoq68coeh3ucqh0epg.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fimhoq68coeh3ucqh0epg.png" alt="The regulated market the public cloud cannot lawfully serve, and the sovereign system we built for it" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The market the public cloud cannot lawfully serve
&lt;/h2&gt;

&lt;p&gt;There is a class of business that AI has largely passed by, not for want of ambition but for want of a lawful path. Banks, insurers, hospitals, defence suppliers and critical infrastructure operators sit on the most valuable data in the economy, and they are the least able to move it. Around 0.85 million UK businesses, roughly 15 percent of the total, cannot legally send their data to public cloud AI. Across the European Union the figure is closer to 5 million. The reasons are not preference or caution. They are law and regulation: PRA model-risk expectations under SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the high-risk classification in the EU AI Act, ITAR and EAR export controls, the NIS Regulations, and the extraterritorial reach of the US CLOUD Act.&lt;/p&gt;

&lt;p&gt;We built Mickai for exactly this constraint. We do not ask a regulated firm to relax its obligations so that it can use modern AI. We give it modern AI that already meets them.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fnazjcvjgoojjokfuvav5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fnazjcvjgoojjokfuvav5.png" alt="The regulated market the public cloud cannot lawfully serve, and the sovereign system we built for it" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we are
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. It is built and live today, not a concept and not a roadmap. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. Nothing leaves the building. There is no vendor endpoint to trust, no telemetry to switch off, and no third party in the data path. For a buyer whose regulator treats data movement as a control failure, that is not a feature among features. It is the precondition for using AI at all.&lt;/p&gt;

&lt;p&gt;Underneath, we run about fifty specialist models, twenty-five domain and twenty-five operational, with cross-model routing under a deterministic arbiter. Because the arbiter is deterministic, the same inputs produce the same outputs, and a controlled process can be evidenced rather than merely asserted. We do not disclose the base architectures of the sovereign models, and the buyer does not need us to. What the buyer needs is that the system runs on their metal, answers reproducibly, and leaves a record.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8fi1jq51sqct81roi0we.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8fi1jq51sqct81roi0we.png" alt="The regulated market the public cloud cannot lawfully serve, and the sovereign system we built for it" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The record: an audit trail no one can quietly rewrite
&lt;/h2&gt;

&lt;p&gt;Regulated work is not judged only on the answer. It is judged on whether you can show, later and under scrutiny, how the answer was reached. So we made the record the foundation, not an afterthought. Every consequential action passes through our Open Audit Record. Each one is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting us. If a line were altered, the chain would break and the verification would fail. This is the difference between a log, which a sufficiently determined insider can edit, and a proof, which they cannot.&lt;/p&gt;

&lt;p&gt;We extend the same guarantee across fielded units through Pantheon, our post-quantum Layer 1, currently on testnet. It provides multi-node attestation across deployed installations with no central server, so a fleet of air-gapped units can still agree on what happened without any of them phoning home.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8oyrvy8qdd8lu84cvbg5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8oyrvy8qdd8lu84cvbg5.png" alt="The regulated market the public cloud cannot lawfully serve, and the sovereign system we built for it" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Studios: serious functions, calm delivery
&lt;/h2&gt;

&lt;p&gt;We ship capability as studios, each aimed at a regulated function. Nemesis covers fraud and anti-money-laundering. Plutus covers finance and FP&amp;amp;A. Tyche handles underwriting, Prometheus forecasting, Iris customer service, Nomos compliance, Astraea legal, Panacea clinical work, Pythia business intelligence and Aletheia audit. Vinis provides voice. The Agentic Marketing Team runs marketing operations. Trust Agent holds the perimeter, and we offer the Open Audit Record as a service in its own right. The names are drawn from the Greek pantheon. The functions are entirely serious, and each studio inherits the same sovereignty, determinism and audit guarantees as the platform beneath it.&lt;/p&gt;

&lt;h2&gt;
  
  
  The intellectual property position
&lt;/h2&gt;

&lt;p&gt;We treat our position as an evidenced asset, not a claim. We have 104 filed UK patent applications, comprising roughly 2,340 claims across 13 invention families, all owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. We are precise about that distinction because it matters: filing establishes priority and builds a prior-art moat, and we do not overstate it into something it is not. What it gives us is a defensible position on the architecture that makes sovereign, auditable, on-premises AI work at scale.&lt;/p&gt;

&lt;h2&gt;
  
  
  A market that is arriving, and a wedge into it
&lt;/h2&gt;

&lt;p&gt;The sovereign AI market is roughly USD 40 billion in 2025 and is expected to reach about USD 148 billion by 2032. The regulatory drivers behind that growth are not softening. They are hardening, jurisdiction by jurisdiction. Our wedge is the population that the incumbents structurally cannot reach: the regulated firms whose data cannot lawfully leave their premises. We do not compete for the general market. We serve the specific one that has, until now, had no compliant option.&lt;/p&gt;

&lt;h2&gt;
  
  
  Two buyers, one architecture
&lt;/h2&gt;

&lt;p&gt;Our thesis has two sides. On one side, we sell sovereign AI directly to regulated firms that the public cloud cannot lawfully reach. On the other, we license the patented stack to the platforms that want to reach those firms and currently cannot. A platform that adds a sovereign, auditable layer instantly becomes lawful for a market it is shut out of today. Our internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including Microsoft, AWS, NVIDIA, Google, Adobe and IBM. We are clear about what that is: potential-licensee sizing, not a signed book of business and not an infringement claim. We are an ally to the AI majors, not their adversary. The sovereign layer is the piece they are missing, and we built it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Company and standing
&lt;/h2&gt;

&lt;p&gt;Mickai LTD is a UK company, registered at Companies House under number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO. We are building for organisations that measure suppliers in decades and treat provenance as seriously as performance, and we have shaped the company, the IP and the manufacturing base accordingly.&lt;/p&gt;

&lt;p&gt;The regulated market is real, the legal drivers are permanent, and the compliant option has been missing. We built the compliant option, it runs on the customer's own hardware today, and it proves its own work. Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Can Mickai really run with no connection to the cloud?
&lt;/h3&gt;

&lt;p&gt;Yes. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress. There is no public cloud round trip and no vendor endpoint in the data path, which is precisely why regulated firms that cannot lawfully move their data can still use us.&lt;/p&gt;

&lt;h3&gt;
  
  
  What does the Open Audit Record actually guarantee?
&lt;/h3&gt;

&lt;p&gt;It guarantees that every consequential action is signed under post-quantum cryptography and hash-chained into an append-only ledger that anyone can verify offline, for decades, without trusting us. If a record were altered after the fact, verification would fail, so the trail is tamper-evident rather than merely stored.&lt;/p&gt;

&lt;h3&gt;
  
  
  Are the patents granted?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  No, and we do not describe them as granted. We have 104 filed UK patent applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD. Filing establishes priority and a prior-art moat, which is the value we rely on and the only value we claim.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/rescue-revenue" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/rescue-revenue&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>regulatedenterprise</category>
      <category>onpremises</category>
      <category>postquantumaudit</category>
    </item>
    <item>
      <title>Regulation as tailwind: the sovereign AI market the cloud cannot reach</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:37:55 +0000</pubDate>
      <link>https://dev.to/mickai/regulation-as-tailwind-the-sovereign-ai-market-the-cloud-cannot-reach-5h8c</link>
      <guid>https://dev.to/mickai/regulation-as-tailwind-the-sovereign-ai-market-the-cloud-cannot-reach-5h8c</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fh3oiyy5adiddb3znaxd3.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fh3oiyy5adiddb3znaxd3.png" alt="Regulation as tailwind: the sovereign AI market the cloud cannot reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The market the public cloud cannot lawfully reach
&lt;/h2&gt;

&lt;p&gt;Regulation is usually filed under cost. We file it under opportunity. A large and growing set of enterprises are legally prevented from sending their most valuable data to public cloud AI, and that constraint is hardening, not loosening. Around 0.85 million UK businesses, roughly 15 percent of the total, and about 5 million across the EU cannot lawfully route special category or controlled data through a shared cloud model. That is not a preference. It is the settled position of their regulators.&lt;/p&gt;

&lt;p&gt;The drivers are specific and durable. PRA model risk expectations under SS1/23 demand explainability and control that a black box API cannot provide. UK GDPR special category data carries obligations that survive no data processing agreement with a hyperscaler. The NHS Data Security and Protection Toolkit sets a bar for patient data that public inference does not clear. The EU AI Act classifies whole categories of use as high risk, with documentation and human oversight requirements attached. ITAR and EAR govern controlled technical data. The NIS Regulations bind operators of essential services. The US CLOUD Act means that data resident in a US controlled cloud can be compelled by a foreign government, which is itself disqualifying for a great deal of European and defence adjacent work.&lt;/p&gt;

&lt;p&gt;Each of these is often described as a headwind. For a vendor whose architecture depends on data leaving the building, it is. For us it is a tailwind, because we built the opposite architecture on purpose.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F086n5oyb8gr0105xxmh0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F086n5oyb8gr0105xxmh0.png" alt="Regulation as tailwind: the sovereign AI market the cloud cannot reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we are
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. Nothing leaves the perimeter. There is no vendor endpoint to trust, no shared tenancy to audit, and no foreign jurisdiction with a claim over the data, because the data never moves.&lt;/p&gt;

&lt;p&gt;We run about fifty specialist models, twenty five domain and twenty five operational, with cross model routing under a deterministic arbiter. The arbiter matters. It means outputs are reproducible: the same inputs produce the same decision path, which is precisely what a model risk function needs and precisely what a probabilistic single model service cannot promise. We do not name the sovereign models publicly, and we do not need to. What the buyer inspects is behaviour, provenance and the record, not a marketing badge.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fhwcw1bz5nnanxtgw1l8h.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fhwcw1bz5nnanxtgw1l8h.png" alt="Regulation as tailwind: the sovereign AI market the cloud cannot reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The record that outlasts the vendor
&lt;/h2&gt;

&lt;p&gt;Every consequential action we take is written to the Open Audit Record. Each action is signed under post quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. Anyone can verify that ledger offline, for decades, without trusting us. That last clause is the point. A regulator, an auditor or a court does not have to take our word for anything. They can check the chain themselves, on their own machine, long after any commercial relationship has ended.&lt;/p&gt;

&lt;p&gt;This is what sovereignty means in practice. It is not a slogan about data residency. It is a verifiable, cryptographically anchored account of what the system did and why, held by the customer, provable to a third party, and resistant to the arrival of quantum computing. We also offer this capability on its own, as OAR-as-a-Service, for organisations that want the audit substrate before they adopt the wider system.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fuowz5xpvb05sr8zu6izv.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fuowz5xpvb05sr8zu6izv.png" alt="Regulation as tailwind: the sovereign AI market the cloud cannot reach" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The studios
&lt;/h2&gt;

&lt;p&gt;We deliver the system as a set of studios, each a serious function under a Greek name. Nemesis handles fraud and anti money laundering. Plutus covers finance and FP&amp;amp;A. Tyche runs underwriting. Prometheus does forecasting. Iris runs customer service. Nomos handles compliance. Astraea covers legal. Panacea is clinical. Pythia is business intelligence. Aletheia is audit. Vinis is voice. The Agentic Marketing Team runs marketing operations, and Trust Agent is the perimeter that guards the whole estate. Each studio inherits the same substrate: local execution, deterministic routing and the Open Audit Record underneath every action.&lt;/p&gt;

&lt;p&gt;Above the individual unit sits Pantheon, our post quantum Layer 1, currently on testnet. It provides multi node attestation across fielded units with no central server, so a fleet of air gapped installations can prove things to one another without ever phoning home to a vendor. Sovereignty at the single node, and coordination across many, with no central point of trust to compromise.&lt;/p&gt;

&lt;h2&gt;
  
  
  The moat is filed, and it is wide
&lt;/h2&gt;

&lt;p&gt;We hold 104 filed UK patent applications, comprising roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. We are precise about that because it matters: filing establishes priority and builds a prior art moat. It secures our position in the ground others will have to cross, and it does so at the specific intersection of sovereign execution, post quantum audit and deterministic multi model routing that the market is now moving towards.&lt;/p&gt;

&lt;p&gt;Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. We build the units, and we hold the intellectual property that describes how they work.&lt;/p&gt;

&lt;h2&gt;
  
  
  The two buyers
&lt;/h2&gt;

&lt;p&gt;The market for sovereign AI is roughly USD 40 billion in 2025 and is expected to reach about USD 148 billion by 2032. We approach it with a dual buyer thesis. First, we sell sovereign AI directly to the regulated firms that the public cloud cannot lawfully reach. These are the banks, insurers, hospitals, defence suppliers and essential service operators bound by the rules set out above. For them, we are not one option among several. We are the architecture that lets them use modern AI at all without breaching their obligations.&lt;/p&gt;

&lt;p&gt;Second, we license the patented stack to the platforms that want to reach those same customers and currently cannot. Our internal analysis maps 196 companies and 311 patent to company pairs as potential licensees, with names including Microsoft, AWS, NVIDIA, Google, Adobe and IBM. We are clear about what that is and is not. It is potential licensee sizing. It is not a signed book of business, and it is not an infringement claim. It reflects a simple structural fact: a platform that adds a sovereign, air gapped, post quantum audited layer instantly reaches the regulated market it cannot serve today. We are an ally to the AI majors, not their adversary. The regulated wedge is one we can hold alone, and one others would rather license than rebuild.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why this holds
&lt;/h2&gt;

&lt;p&gt;The regulatory drivers are not a moment. SS1/23, the AI Act, the CLOUD Act and the rest are getting stricter and more widely enforced, and the volume of data that legally cannot leave the building is rising, not falling. Every tightening of the rules widens the segment that only a sovereign architecture can serve. We built for that world before it fully arrived, and we hold the filed intellectual property that describes it. The capability is live today, on the customer's own hardware, with a record they can verify without us. That is the position, and it is a position that time works in favour of.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does Mickai run in the public cloud?
&lt;/h3&gt;

&lt;p&gt;No. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress. There is no public cloud round trip, which is precisely why regulated firms that cannot lawfully use shared cloud AI can use us.&lt;/p&gt;

&lt;h3&gt;
  
  
  What does the Open Audit Record actually prove?
&lt;/h3&gt;

&lt;p&gt;Every consequential action is signed under post quantum cryptography and hash chained into a tamper evident, append only ledger. Anyone can verify that ledger offline, for decades, without trusting us, which gives regulators and auditors an independent account of what the system did.&lt;/p&gt;

&lt;h3&gt;
  
  
  Are the patents granted?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  They are filed, not granted. We hold 104 filed UK patent applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD. Filing establishes priority and builds a prior art moat at the intersection of sovereign execution and post quantum audit.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/regulation-as-tailwind" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/regulation-as-tailwind&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>regulatedenterprise</category>
      <category>postquantumaudit</category>
      <category>compliance</category>
    </item>
    <item>
      <title>The Prior-Art Moat: Why a Sovereign Intelligence Operating System Owns the Ground the Cloud Cannot Cross</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:37:28 +0000</pubDate>
      <link>https://dev.to/mickai/the-prior-art-moat-why-a-sovereign-intelligence-operating-system-owns-the-ground-the-cloud-cannot-332f</link>
      <guid>https://dev.to/mickai/the-prior-art-moat-why-a-sovereign-intelligence-operating-system-owns-the-ground-the-cloud-cannot-332f</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fizzgex1utsglvnzy1toz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fizzgex1utsglvnzy1toz.png" alt="The Prior-Art Moat: Why a Sovereign Intelligence Operating System Owns the Ground the Cloud Cannot Cross" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The ground the cloud cannot cross
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That single sentence is also a boundary line. On one side sits the public cloud, where every model call is a data transfer to someone else's estate. On the other side sits the regulated enterprise, which by law, by regulator expectation, or by contract cannot make that transfer. We built Mickai to live entirely on the second side, and we built it to stay there.&lt;/p&gt;

&lt;p&gt;We run on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no telemetry leaving the building, no vendor endpoint quietly holding a copy, no shared tenancy to reason about in a risk committee. The intelligence comes to the data, and the data never moves. That is the whole design, and it is not a roadmap item. It is built and live today.&lt;/p&gt;

&lt;p&gt;This piece sets out why that architecture is difficult to copy, why the audit trail matters more than the model, and why the market we serve is one the largest platforms in the world cannot lawfully reach. The through line is a moat made of prior art: 104 filed UK patent applications that stake priority across the exact mechanisms a sovereign AI system needs.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fad3lgi0z0oxa8cwr2l8d.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fad3lgi0z0oxa8cwr2l8d.png" alt="The Prior-Art Moat: Why a Sovereign Intelligence Operating System Owns the Ground the Cloud Cannot Cross" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we actually run
&lt;/h2&gt;

&lt;p&gt;We run about fifty specialist models, twenty five domain and twenty five operational, with cross-model routing under a deterministic arbiter. The arbiter matters as much as the models. Because routing is deterministic, the same inputs produce the same path and the same outputs, which is the property a regulated buyer needs before an AI system is allowed anywhere near a decision that a regulator can later question. Reproducibility is not a nice-to-have in this market. It is the entry ticket.&lt;/p&gt;

&lt;p&gt;On top of that substrate we run a set of studios. Each carries a Greek name and a serious function. Nemesis handles fraud and anti money laundering. Plutus covers finance and FP&amp;amp;A. Tyche runs underwriting. Prometheus does forecasting. Iris takes customer service. Nomos owns compliance, Astraea owns legal, Panacea covers clinical work, Pythia is business intelligence, and Aletheia runs audit. Vinis handles voice. The Agentic Marketing Team runs the outward-facing marketing function. Trust Agent is the perimeter. And OAR-as-a-Service exposes the audit ledger as a standalone capability for teams that want the record even before they adopt the rest.&lt;/p&gt;

&lt;p&gt;None of these are wrappers on a distant API. They are our own sovereign models, running inside the customer estate, arbitrated locally, producing outputs the customer can defend line by line.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkwgm6ffv2g2n6g6evm67.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkwgm6ffv2g2n6g6evm67.png" alt="The Prior-Art Moat: Why a Sovereign Intelligence Operating System Owns the Ground the Cloud Cannot Cross" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The record is the product
&lt;/h2&gt;

&lt;p&gt;In regulated work, the answer is only half the job. The other half is proving, later and to a hostile reader, that the answer was produced correctly and has not been altered since. This is where we put our deepest engineering, in the Open Audit Record.&lt;/p&gt;

&lt;p&gt;Every consequential action is signed under post-quantum cryptography, using FIPS 204 ML-DSA-65 with ML-KEM-768, and hash-chained into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting us. Read that last clause again, because it inverts the usual vendor relationship. The buyer does not have to take our word for anything. They hold a cryptographic record they can check on their own hardware, long after any commercial relationship has ended, and long after the cryptographic assumptions of today have been stress-tested by tomorrow's machines.&lt;/p&gt;

&lt;p&gt;That is why we describe the record, not the model, as the product. Models will improve and be replaced. The obligation to prove what happened, and to prove it survives quantum-era scrutiny, does not go away. We built for the obligation.&lt;/p&gt;

&lt;p&gt;Beyond a single site, Pantheon extends the same principle across many. It is a post-quantum Layer 1, currently on testnet, that gives multi-node attestation across fielded units with no central server. Each unit attests to the others. There is no coordinating authority to compromise, and no single point whose failure quietly rewrites the shared history.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8rh85g4zyyoikgl81zlj.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8rh85g4zyyoikgl81zlj.png" alt="The Prior-Art Moat: Why a Sovereign Intelligence Operating System Owns the Ground the Cloud Cannot Cross" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why this is hard to copy: the prior-art moat
&lt;/h2&gt;

&lt;p&gt;A determined competitor can assemble on-premises inference. What they cannot easily assemble is the specific combination of sovereign routing, deterministic arbitration, offline-verifiable post-quantum audit, and multi-node attestation, without walking into ground we have already staked.&lt;/p&gt;

&lt;p&gt;We hold 104 filed UK patent applications, comprising roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. We are precise about that, because filing is what matters for the moat. Filing establishes priority. It sets the date against which everyone else's later work is measured, and it converts our architecture into prior art that a competitor has to design around rather than reimplement. The claims track the mechanisms above, which is the point. The patents are not a wall around a logo. They are a wall around the way sovereign intelligence is made verifiable.&lt;/p&gt;

&lt;p&gt;Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO. The estate sits inside a real operating company with a real production path, not a holding vehicle.&lt;/p&gt;

&lt;h2&gt;
  
  
  A market the cloud cannot lawfully serve
&lt;/h2&gt;

&lt;p&gt;The sovereign AI market is roughly USD 40 billion in 2025, rising to about USD 148 billion by 2032. Those numbers are large, but the more important number is who is locked out of the public-cloud version of it. Around 0.85 million UK businesses, about 15 percent of the total, and roughly 5 million across the EU, legally cannot send their data to public cloud AI. That is not a preference. It is a legal boundary.&lt;/p&gt;

&lt;p&gt;The drivers are named and specific. PRA model-risk expectations under SS1/23. UK GDPR special category data. The NHS Data Security and Protection Toolkit. The EU AI Act high-risk classification. ITAR and EAR export controls. The NIS Regulations. The US CLOUD Act, which is precisely why a US-headquartered cloud cannot credibly promise a European regulator that data will never be reachable under foreign legal process. Each of these turns a general preference for privacy into a hard constraint that a public-cloud deployment cannot satisfy. We are built to sit exactly inside that constraint.&lt;/p&gt;

&lt;p&gt;This is the wedge. We do not have to win a general contest for AI mindshare. We have to serve the customers the incumbent architecture cannot lawfully touch, and we are the architecture that touches them.&lt;/p&gt;

&lt;h2&gt;
  
  
  The dual-buyer thesis
&lt;/h2&gt;

&lt;p&gt;Our strategy has two motions. First, we sell sovereign AI directly to regulated firms that the public cloud cannot lawfully reach. Second, we license the patented stack to the platforms that want to reach those firms and currently cannot.&lt;/p&gt;

&lt;p&gt;Our internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe and IBM. We are careful about what that is and is not. It is potential-licensee sizing, a structured view of where our mechanisms intersect with others' product surfaces. It is not a signed book of business, and it is not an infringement claim against anyone. We publish it as a map of opportunity, not as a threat.&lt;/p&gt;

&lt;p&gt;The framing matters. We are an ally to the AI majors, not an OpenAI killer. A platform that adds a sovereign, verifiable layer instantly gains the regulated market it cannot serve today, and it gains it with priority already established rather than contested. That is a constructive position for everyone in the picture, which is exactly why we hold it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Where this leaves us
&lt;/h2&gt;

&lt;p&gt;We have built a system that keeps data inside the customer's walls, produces reproducible outputs from about fifty arbitrated specialist models, and signs every consequential action into a post-quantum record that anyone can verify offline for decades. We have filed 104 patent applications across 13 families to stake that ground. And we point all of it at a market defined by law rather than by taste, a market the largest incumbents cannot lawfully enter on their current terms.&lt;/p&gt;

&lt;p&gt;The moat, in the end, is not any single feature. It is the compound: a live product, a verifiable record, a filed patent estate, and a customer base the cloud cannot reach. Each part makes the others harder to copy. Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Are the patents granted or filed?
&lt;/h3&gt;

&lt;p&gt;They are filed, not granted. We hold 104 filed UK patent applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD. Filing establishes priority and creates a prior-art position that competitors must design around. We do not describe them as granted, because that would be inaccurate and unnecessary. Priority is what does the work.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does Mickai run in the public cloud?
&lt;/h3&gt;

&lt;p&gt;No. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. That is the point of the design. It is what allows regulated firms, who legally cannot send data to public cloud AI, to use advanced intelligence without breaching the constraints they operate under.&lt;/p&gt;

&lt;h3&gt;
  
  
  How can a buyer trust the audit record without trusting the vendor?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  The Open Audit Record is hash-chained and signed under post-quantum cryptography (FIPS 204 ML-DSA-65 with ML-KEM-768) into an append-only ledger. Verification is offline and independent of us. A buyer checks the record on their own hardware, with no call back to any Mickai endpoint, and that property holds for decades. Trust in the vendor is designed out of the verification path entirely.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/prior-art-moat" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/prior-art-moat&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>regulatedindustries</category>
      <category>patents</category>
      <category>postquantum</category>
    </item>
    <item>
      <title>Post-quantum from the ground up: why the record has to outlive the vendor</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:37:04 +0000</pubDate>
      <link>https://dev.to/mickai/post-quantum-from-the-ground-up-why-the-record-has-to-outlive-the-vendor-3dci</link>
      <guid>https://dev.to/mickai/post-quantum-from-the-ground-up-why-the-record-has-to-outlive-the-vendor-3dci</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fwn3s9hpl2lql3t56ytv5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fwn3s9hpl2lql3t56ytv5.png" alt="Post-quantum from the ground up: why the record has to outlive the vendor" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The record has to outlive the vendor
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That sentence is a design commitment, not a slogan, and post-quantum cryptography sits underneath every part of it. We did not add signatures late, as a compliance veneer over a cloud product. We built the operating system so that the proof of what it did survives longer than the hardware it ran on, longer than the staff who operated it, and longer than the company that shipped it.&lt;/p&gt;

&lt;p&gt;For a regulated buyer, that is the whole question. A bank, an insurer, a hospital, or a defence supplier does not only need an answer from a model. It needs to be able to show, years later, to a regulator or a court, exactly what was decided, on what inputs, under which model version, and to prove that the record has not been altered since. Most AI systems cannot do this. We treat it as the first requirement, and we meet it with cryptography that is expected to hold even against a quantum adversary.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F4otwdly8nvg6kh1eq33o.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F4otwdly8nvg6kh1eq33o.png" alt="Post-quantum from the ground up: why the record has to outlive the vendor" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What post-quantum from the ground up actually means
&lt;/h2&gt;

&lt;p&gt;We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no vendor endpoint to trust and no telemetry leaving the building. That constraint changes how you have to think about audit. If you cannot phone home, you cannot lean on a provider's dashboard to tell you what happened. The proof has to live locally and stand on its own.&lt;/p&gt;

&lt;p&gt;So every consequential action inside Mickai is written to the Open Audit Record. The OAR signs each action under post-quantum cryptography, using the FIPS 204 ML-DSA-65 signature scheme with ML-KEM-768 for key encapsulation, and hash-chains it into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting us. Break the chain at any point and the verification fails and tells you where. This is the difference between a log, which is a story a system tells about itself, and a record, which is a mathematical object that either verifies or does not.&lt;/p&gt;

&lt;p&gt;We chose the post-quantum schemes deliberately. Regulated records have long lives. A decision signed today may need to be defensible in fifteen or twenty years, and an adversary who cannot break a signature now may be able to break yesterday's signature later. Classical signatures leave that door open. Building on the standardised post-quantum algorithms closes it, which is why we treat post-quantum as the floor of the architecture rather than a future upgrade.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fzsk8l7i2oya4wsbpbxgl.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fzsk8l7i2oya4wsbpbxgl.png" alt="Post-quantum from the ground up: why the record has to outlive the vendor" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Reproducible by design, not by luck
&lt;/h2&gt;

&lt;p&gt;An audit trail is only worth signing if the thing it records is stable. We run about fifty specialist models, twenty five domain and twenty five operational, with cross-model routing under a deterministic arbiter. The arbiter decides which models handle a request and in what order, and it does so deterministically, so the same inputs produce the same outputs and the same routing path. Reproducibility is not an aspiration we hope holds under load. It is a property of how the system is wired, and it is what makes a signed record meaningful. A record of a non-deterministic process proves only that something happened once.&lt;/p&gt;

&lt;p&gt;We keep the sovereign models on the customer's hardware alongside everything else. They are ours, tuned for the work, and they never leave the premises. The point of the arbiter is that a regulated firm can reconstruct any decision from first principles: the inputs, the models, the routing, and the signed output, all held locally and all verifiable without us in the loop.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flpv0hbhb863zeadu6wyj.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flpv0hbhb863zeadu6wyj.png" alt="Post-quantum from the ground up: why the record has to outlive the vendor" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The studios that do the work
&lt;/h2&gt;

&lt;p&gt;On top of this substrate we run a set of studios. The names are drawn from Greek myth and the functions are entirely serious. Nemesis handles fraud and anti-money-laundering. Plutus covers finance and FP&amp;amp;A. Tyche does underwriting. Prometheus does forecasting. Iris runs customer service. Nomos handles compliance and Astraea handles legal. Panacea is clinical. Pythia is business intelligence. Aletheia is audit. Vinis is voice. The Agentic Marketing Team runs marketing operations, and Trust Agent is the perimeter that guards the whole estate. We also offer OAR-as-a-Service, so the signed-record capability can be applied to workloads beyond the studios themselves.&lt;/p&gt;

&lt;p&gt;Every one of these studios writes to the same Open Audit Record. A fraud decision, an underwriting call, a compliance check, and a clinical inference are all signed and chained the same way. That uniformity matters to an auditor. There is one evidence model across the estate, not a dozen bespoke logs that each have to be argued about separately.&lt;/p&gt;

&lt;h2&gt;
  
  
  Attestation across many nodes
&lt;/h2&gt;

&lt;p&gt;Air-gapped units still need to agree on what is true across a fleet. Pantheon, our post-quantum Layer 1, now on testnet, provides multi-node attestation across fielded units with no central server. Each unit can attest to the others, so an organisation running many sites can establish a shared, verifiable view of state without routing anything through a central authority and without opening a path off the premises. The same post-quantum discipline that protects a single record protects agreement between nodes.&lt;/p&gt;

&lt;h2&gt;
  
  
  The intellectual property behind it
&lt;/h2&gt;

&lt;p&gt;We have filed 104 UK patent applications, comprising roughly 2,340 claims across 13 invention families. They are owned by Mickai LTD, and the named inventor is Mickarle Sean Junior Wagstaff-Irons. These are filed applications, not granted patents. We are precise about that because it matters: filing establishes priority and builds a prior-art moat around the architecture, the audit record, the arbiter, and the attestation layer. It marks the ground. The families track the system itself, so the protection and the product describe the same thing.&lt;/p&gt;

&lt;p&gt;Mickai LTD is a UK company, Companies House number 17166618, with manufacturing secured in Birmingham. Micky Irons is founder and CEO. We build hardware and software together because sovereignty is meaningless if you do not control the box the system runs on.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why the market has no cloud answer
&lt;/h2&gt;

&lt;p&gt;The sovereign AI market was roughly USD 40 billion in 2025 and is expected to reach about USD 148 billion by 2032. The demand is not driven by preference. It is driven by law. Around 0.85 million UK businesses, about 15 percent, and roughly 5 million across the EU, legally cannot send their data to public cloud AI. The reasons stack up quickly: PRA model-risk expectations under SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high-risk classification, ITAR and EAR export controls, the NIS Regulations, and the US CLOUD Act.&lt;/p&gt;

&lt;p&gt;Read together, these rules describe a large population of firms that need modern AI and are forbidden from using the way it is usually delivered. A signed, reproducible, air-gapped operating system is not a nicer option for these buyers. It is the only lawful one. Post-quantum audit is what lets them adopt AI and still satisfy a regulator who will ask, later, to see the proof.&lt;/p&gt;

&lt;h2&gt;
  
  
  An ally, sold two ways
&lt;/h2&gt;

&lt;p&gt;We take our capability to market on a dual-buyer thesis. First, we sell the sovereign operating system directly to regulated firms the public cloud cannot lawfully reach. Second, we license the patented stack to the platforms that want to reach those same firms and cannot, today, because the workloads must stay on premises and provably so.&lt;/p&gt;

&lt;p&gt;Our internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. We are careful about what that is. It is potential-licensee sizing, not a signed book of business and not an infringement claim. We are an ally to the AI majors, not an OpenAI killer. A platform that adds a sovereign, provable layer to its offering instantly reaches a regulated market it cannot serve today, and the audit record is the piece that makes that reach defensible rather than merely marketed. That value is available to a partner without either side having to pretend the regulatory wall does not exist.&lt;/p&gt;

&lt;h2&gt;
  
  
  Where this leaves a regulated buyer
&lt;/h2&gt;

&lt;p&gt;The promise is narrow and testable. Run modern AI inside your own walls, with nothing leaving the building. Get the same output for the same input every time, because a deterministic arbiter routes across our models. Keep a signed, hash-chained record of every consequential action, protected by post-quantum cryptography, that you can hand to an auditor and that they can verify offline, for decades, without trusting us. That is what post-quantum from the ground up buys you, and it is live today rather than on a roadmap. Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Is the Open Audit Record really verifiable without trusting Mickai?
&lt;/h3&gt;

&lt;p&gt;Yes. The OAR is an append-only, hash-chained ledger where each consequential action is signed under FIPS 204 ML-DSA-65 with ML-KEM-768. Verification is a local, offline operation against the public verification keys. Any alteration breaks the chain and the check fails at the point of tampering, so a regulator or auditor can confirm integrity for decades without a live connection to us.&lt;/p&gt;

&lt;h3&gt;
  
  
  Why post-quantum rather than standard signatures?
&lt;/h3&gt;

&lt;p&gt;Regulated records have long lifetimes. A decision signed today may need to be defensible in fifteen or twenty years. An adversary who cannot break a classical signature now may be able to later, which would retroactively undermine old records. Building on the standardised post-quantum schemes protects the record against that future, which is why we treat it as the foundation rather than an upgrade.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does this run without any cloud connection at all?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  It does. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. The sovereign models, the deterministic arbiter, and the Open Audit Record all operate locally, and Pantheon provides multi-node attestation across fielded units with no central server, so a multi-site organisation can share a verifiable view of state without anything leaving the premises.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/post-quantum-from-the-ground-up" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/post-quantum-from-the-ground-up&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>postquantumcryptogra</category>
      <category>openauditrecord</category>
      <category>regulatedindustries</category>
    </item>
    <item>
      <title>Sovereign AI for Pharmaceutical Clinical Trials</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:36:38 +0000</pubDate>
      <link>https://dev.to/mickai/sovereign-ai-for-pharmaceutical-clinical-trials-44e9</link>
      <guid>https://dev.to/mickai/sovereign-ai-for-pharmaceutical-clinical-trials-44e9</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fzzqciqmksohfkebyu7yu.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fzzqciqmksohfkebyu7yu.png" alt="Sovereign AI for Pharmaceutical Clinical Trials" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. For pharmaceutical sponsors and clinical research organisations, that sentence is the whole point. The data that moves a molecule from first-in-human dosing to marketing authorisation is among the most sensitive and most regulated data in any industry. It is special category health data under UK GDPR. It is subject to Good Clinical Practice, to 21 CFR Part 11, to the EU Clinical Trials Regulation, and to the audit expectations of the MHRA, the EMA and the FDA. Sending it through a public cloud AI service, where it leaves your control and crosses a vendor boundary you cannot inspect, is for many sponsors simply not lawful. We built Mickai for exactly that constraint.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fdxbruc1z5aosbxlyywhq.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fdxbruc1z5aosbxlyywhq.png" alt="Sovereign AI for Pharmaceutical Clinical Trials" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why clinical development cannot use public cloud AI
&lt;/h2&gt;

&lt;p&gt;We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. In a clinical context that is not a preference, it is a compliance requirement. Patient identifiers, genomic data, adverse event narratives, unblinded efficacy results, and site source documents cannot be exported to a third party system where the sponsor loses custody and the processing cannot be independently examined.&lt;/p&gt;

&lt;p&gt;The regulatory drivers are concrete. UK GDPR treats health data as special category and constrains where it may be processed. The EU AI Act classes many clinical and diagnostic uses as high risk, with obligations on data governance, logging and human oversight. The US CLOUD Act means that data placed with a US hosted provider can be reachable by process the sponsor never sees. ITAR and EAR bear on collaborations that touch controlled technology. For a sponsor running a global programme, the cleanest way to satisfy all of these at once is to never let the data leave the building. That is the design we shipped.&lt;/p&gt;

&lt;p&gt;Around 0.85 million UK businesses, roughly 15 percent, and about 5 million across the EU, legally cannot send data to public cloud AI. Regulated life sciences sit squarely inside that population. The sovereign AI market these firms represent is roughly USD 40 billion in 2025, rising to about USD 148 billion by 2032. We are built for the part of that market the public cloud cannot lawfully reach.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F1finb1e55vsdj232gb7j.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F1finb1e55vsdj232gb7j.png" alt="Sovereign AI for Pharmaceutical Clinical Trials" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we run inside the trial perimeter
&lt;/h2&gt;

&lt;p&gt;We run about fifty specialist models, 25 domain and 25 operational, with cross-model routing under a deterministic arbiter, so outputs are reproducible. Reproducibility matters in a regulated setting more than raw fluency. A regulator does not want a plausible answer that changes each time it is asked. They want the same input to produce the same output, with a record of how it was produced. Our arbiter is built for that.&lt;/p&gt;

&lt;p&gt;The work is organised into studios, each named from Greek myth and each built for a serious function. For clinical development the relevant ones are direct. Panacea handles clinical work. Aletheia handles audit. Nomos handles compliance. Astraea handles legal. Pythia handles business intelligence. Prometheus handles forecasting, which for a sponsor covers enrolment projection and supply planning. Iris handles patient and site facing service, and Vinis handles voice. Nemesis covers fraud and anti money laundering controls where financial integrity touches the trial. Trust Agent is the perimeter that keeps the whole system sealed. Each studio runs on the sponsor's own infrastructure, so protocol design support, medical writing, safety narrative drafting, deviation triage and audit preparation all happen without a single record leaving the sponsor's control.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fx03uplhsb0e2aslstyde.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fx03uplhsb0e2aslstyde.png" alt="Sovereign AI for Pharmaceutical Clinical Trials" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Open Audit Record: evidence a regulator can verify
&lt;/h2&gt;

&lt;p&gt;The strongest thing we bring to a clinical programme is not generation, it is proof. Every consequential action is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained into a tamper-evident, append-only ledger that anyone can verify offline, for decades, without trusting the vendor. We call this the Open Audit Record, or OAR.&lt;/p&gt;

&lt;p&gt;Consider what an inspection actually demands. Who did what, when, on which data, and can you demonstrate the record was not altered afterwards. Conventional audit trails ask the inspector to trust the system that wrote them. The OAR does the opposite. Because each entry is cryptographically signed and chained to the one before it, any tampering breaks the chain and is detectable by anyone, including a regulator running the verification independently, years later, with no connection to us. For a submission that must survive inspection long after the trial closes, an audit record that verifies offline and does not depend on the vendor still existing is a material advantage. We also offer this capability on its own, as OAR-as-a-Service, for sponsors who want the evidentiary layer around systems they already run.&lt;/p&gt;

&lt;p&gt;For multi-site and multi-sponsor programmes, Pantheon extends this. Pantheon is a post-quantum Layer 1, currently on testnet, that gives multi-node attestation across fielded units with no central server. That means several sites, or a sponsor and its clinical research organisation, can each hold an independently verifiable record and agree on the state of the trial without routing everything through one party's servers.&lt;/p&gt;

&lt;h2&gt;
  
  
  The intellectual property behind the claim
&lt;/h2&gt;

&lt;p&gt;We do not ask sponsors to take the architecture on faith. It is documented in our patent estate. We have 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. Filing establishes priority and builds a prior-art moat around the sovereign design. For a buyer whose procurement team weighs vendor durability, a documented and dated invention record is part of the diligence answer.&lt;/p&gt;

&lt;h2&gt;
  
  
  A sovereign layer the wider market cannot ignore
&lt;/h2&gt;

&lt;p&gt;Our commercial thesis has two sides. We sell sovereign AI to regulated firms the public cloud cannot lawfully reach, and we license the patented stack to the platforms that want to reach them. Internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe and IBM. This is potential-licensee sizing, not a signed book and not an infringement claim. We are an ally to the AI majors, not an OpenAI killer. A platform that adds a sovereign, air-gapped, cryptographically auditable layer instantly reaches the regulated life sciences market it cannot serve today. That is the strategic logic, and it points in the same direction as the buyer's own interest.&lt;/p&gt;

&lt;p&gt;Mickai LTD is a UK company, Companies House 17166618, with Birmingham manufacturing secured, founded and led by Micky Irons as CEO. We build for regulated industries where the answer to "where does the data go" has to be "nowhere". In clinical development, that answer is not a feature. It is the licence to operate.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h2&gt;
  
  
  Frequently asked questions
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Does clinical trial data ever leave our infrastructure?
&lt;/h3&gt;

&lt;p&gt;No. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. Patient identifiers, unblinded results and source documents stay inside the sponsor's walls throughout.&lt;/p&gt;

&lt;h3&gt;
  
  
  How does the Open Audit Record help with an MHRA, EMA or FDA inspection?
&lt;/h3&gt;

&lt;p&gt;Every consequential action is signed under post-quantum cryptography and hash-chained into an append-only ledger. Any alteration breaks the chain and is detectable. A regulator can verify the record offline, for decades, without trusting us or requiring us to still exist.&lt;/p&gt;

&lt;h3&gt;
  
  
  Are the patents granted?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  They are filed, not granted. We have 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD. Filing establishes priority and a prior-art moat around the sovereign architecture.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/pharma-clinical-trials" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/pharma-clinical-trials&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>clinicaltrials</category>
      <category>pharmaceuticals</category>
      <category>regulatorycompliance</category>
    </item>
    <item>
      <title>The Pantheon Consensus Layer: Sovereign Agreement Without a Centre</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:36:14 +0000</pubDate>
      <link>https://dev.to/mickai/the-pantheon-consensus-layer-sovereign-agreement-without-a-centre-48m0</link>
      <guid>https://dev.to/mickai/the-pantheon-consensus-layer-sovereign-agreement-without-a-centre-48m0</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fwbwwcs94edo76ffq2k7j.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fwbwwcs94edo76ffq2k7j.png" alt="The Pantheon Consensus Layer: Sovereign Agreement Without a Centre" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The problem sovereign AI has not solved
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That single fact solves the first half of the sovereignty problem. When artificial intelligence runs on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip, the data never leaves the building and no vendor ever sees it. For a bank, a hospital, or a defence supplier, that is the difference between a system the regulator permits and one it does not.&lt;/p&gt;

&lt;p&gt;But sovereignty on a single machine leaves a harder question unanswered. When an organisation fields many units, in many sites, sometimes in different countries and sometimes with no network between them, how do those units agree on what happened without a central server to referee them? A head office server would recreate the very single point of trust that sovereignty exists to remove. This is the problem the Pantheon consensus layer was built to close.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fw1220qf2w79a4y8djl0z.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fw1220qf2w79a4y8djl0z.png" alt="The Pantheon Consensus Layer: Sovereign Agreement Without a Centre" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What the Pantheon consensus layer is
&lt;/h2&gt;

&lt;p&gt;We built Pantheon as a post-quantum Layer 1, now running on testnet, that provides multi-node attestation across fielded units with no central server. Every unit is a peer. There is no head office node that others must trust, and no cloud endpoint that can be compromised, subpoenaed, or switched off. The network agrees on the record of consequential actions by consensus among the nodes themselves, and that agreement holds even when individual units are offline, air gapped, or physically separated.&lt;/p&gt;

&lt;p&gt;We designed it post-quantum from the base layer because the systems our customers run are meant to last decades, and a record that can be forged by a future quantum computer is not a record at all. The cryptography that protects consensus is the same standards-based, post-quantum cryptography that protects everything else we build, so the guarantee is uniform from the single node up to the whole fielded network.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F7i3zr5ksdhycqsjav1qy.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F7i3zr5ksdhycqsjav1qy.png" alt="The Pantheon Consensus Layer: Sovereign Agreement Without a Centre" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  How it works with the Open Audit Record
&lt;/h2&gt;

&lt;p&gt;Pantheon does not stand alone. It extends our Open Audit Record, the OAR, from one machine to many. On any single unit, every consequential action is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained into a tamper-evident, append-only ledger that anyone can verify offline, for decades, without trusting us. That property is already strong on its own. A regulator, an auditor, or a court can take the ledger and check it independently, years later, with no call home to any server we control.&lt;/p&gt;

&lt;p&gt;Pantheon takes that local ledger and gives it agreement across the estate. When units can reach each other, they attest to one another's records and reach consensus on a shared, tamper-evident history. When they cannot, each unit keeps signing and chaining locally, and the records reconcile through consensus once connectivity returns. The result is one verifiable account of what every unit did, assembled without a central authority and provable long after the fact. For an institution that must show a supervisor exactly what its automated systems decided, and be able to prove it was not edited after the event, that is the whole game.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fd41zzdzdb5ib3v4cu8ut.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fd41zzdzdb5ib3v4cu8ut.png" alt="The Pantheon Consensus Layer: Sovereign Agreement Without a Centre" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Reproducible decisions underneath
&lt;/h2&gt;

&lt;p&gt;Consensus about actions is only useful if the actions themselves are consistent. We run about fifty specialist models, twenty-five domain and twenty-five operational, with cross-model routing under a deterministic arbiter, so outputs are reproducible. The same inputs produce the same outputs, which means a decision recorded on one node can be reconciled against another without ambiguity about why the two units behaved as they did. Reproducibility at the model layer and consensus at the network layer are two halves of the same guarantee. The sovereign models never leave the customer's hardware, so this holds entirely within the customer's own perimeter.&lt;/p&gt;

&lt;p&gt;Above those models sit our studios, each with a Greek name and a serious function. Nemesis covers fraud and AML. Plutus covers finance and FP&amp;amp;A. Tyche handles underwriting, Prometheus forecasting, Iris customer service, Nomos compliance, Astraea legal, Panacea clinical work, Pythia business intelligence, and Aletheia audit. Vinis is voice, the Agentic Marketing Team runs marketing, and Trust Agent holds the perimeter. Every consequential action any studio takes flows into the OAR, and Pantheon carries that record across the estate. We also offer OAR-as-a-Service for organisations that want the audit substrate on its own.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why a regulated buyer needs consensus without a centre
&lt;/h2&gt;

&lt;p&gt;The rules that make on-premises AI necessary are the same rules that make central coordination a liability. UK GDPR special category data, the NHS Data Security and Protection Toolkit, PRA model-risk expectations under SS1/23, the EU AI Act high-risk classification, ITAR and EAR, the NIS Regulations, and the US CLOUD Act all point the same way. Around 0.85 million UK businesses, about fifteen percent, and roughly five million across the EU, legally cannot send their data to public cloud AI. A design that solves the single-site problem but reintroduces a central server for coordination fails these buyers as surely as the cloud does.&lt;/p&gt;

&lt;p&gt;Pantheon is our answer. It lets a regulated institution run automated decisions across many sovereign units and still hold one provable, post-quantum record of what happened, with no central point that a regulator would flag, an adversary would target, or a foreign statute could reach. The sovereign AI market is roughly USD 40 billion in 2025 and is projected to reach about USD 148 billion by 2032. The organisations driving that growth are precisely the ones that cannot accept a central coordinator, which is why we built consensus without one.&lt;/p&gt;

&lt;h2&gt;
  
  
  Built, filed, and owned
&lt;/h2&gt;

&lt;p&gt;None of this is a roadmap. The system is built and live today. Mickai LTD, a UK company registered at Companies House under number 17166618, owns the intellectual property behind it, with Birmingham manufacturing secured. We hold 104 filed UK patent applications, roughly 2,340 claims across 13 invention families, with named inventor Mickarle Sean Junior Wagstaff-Irons. These applications are filed, not granted. Filing establishes priority and builds a prior-art moat around the architecture, including the consensus and audit design at the heart of Pantheon.&lt;/p&gt;

&lt;p&gt;That moat also frames how we work with the wider industry. Our position is a dual-buyer one. We sell sovereign AI directly to the regulated firms the public cloud cannot lawfully reach, and we license the patented stack to the platforms that want to reach them. Internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, names among them Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential-licensee sizing, not a signed book and not an infringement claim. A platform that adds a sovereign, consensus-backed layer instantly reaches a regulated market it cannot serve today. We are an ally to the AI majors, not their rival.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Is the Pantheon consensus layer live?
&lt;/h3&gt;

&lt;p&gt;The consensus layer runs on testnet today as a post-quantum Layer 1. It provides multi-node attestation across fielded units with no central server, and it extends the Open Audit Record from a single machine to an estate of them. The wider Mickai system it sits within is built and live now.&lt;/p&gt;

&lt;h3&gt;
  
  
  How does Pantheon reach agreement without a central server?
&lt;/h3&gt;

&lt;p&gt;Each unit signs and hash-chains its own consequential actions into a tamper-evident, append-only ledger. When units can reach each other, they attest to one another's records and reach consensus on a shared history. When they cannot, they keep recording locally and reconcile once connectivity returns. No node is privileged, so there is no central point to trust, target, or subpoena.&lt;/p&gt;

&lt;h3&gt;
  
  
  Can the audit record be verified without trusting Mickai?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  Yes. Every record is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash-chained. Anyone holding the ledger can verify it offline, for decades, with no call home to us and no dependence on any server we control.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/pantheon-consensus-layer" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/pantheon-consensus-layer&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>pantheon</category>
      <category>consensus</category>
      <category>postquantum</category>
    </item>
    <item>
      <title>Own It, Do Not Rent It: Sovereign Intelligence for the Regulated Enterprise</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:35:48 +0000</pubDate>
      <link>https://dev.to/mickai/own-it-do-not-rent-it-sovereign-intelligence-for-the-regulated-enterprise-26bp</link>
      <guid>https://dev.to/mickai/own-it-do-not-rent-it-sovereign-intelligence-for-the-regulated-enterprise-26bp</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fcnf6wa0uhojo7csxafl9.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fcnf6wa0uhojo7csxafl9.png" alt="Own It, Do Not Rent It: Sovereign Intelligence for the Regulated Enterprise" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The distinction that decides everything: ownership
&lt;/h2&gt;

&lt;p&gt;Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That single sentence is the whole argument. Every other AI system a regulated firm can buy today arrives as a tenancy. The model sits on someone else's infrastructure, the data travels to a jurisdiction the buyer does not control, and the terms of service can change under the buyer's feet. We built the alternative, and it is live now, not a roadmap item and not a pilot waiting for funding to begin.&lt;/p&gt;

&lt;p&gt;We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. Nothing leaves the building. That is not a configuration option we bolt on for nervous clients. It is the architecture. When a bank, an insurer, a hospital or a defence contractor deploys us, the intelligence lives where the regulated data already lives, and it never has to leave to be useful.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F50uwn9ltx6tlqq91d5gx.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F50uwn9ltx6tlqq91d5gx.png" alt="Own It, Do Not Rent It: Sovereign Intelligence for the Regulated Enterprise" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why renting fails the regulated buyer
&lt;/h2&gt;

&lt;p&gt;There is a large class of organisation that cannot lawfully send its data to public cloud AI. This is not a matter of preference or caution. It is a matter of law and enforceable regulation. We count around 0.85 million UK businesses, about 15 percent of the total, that fall into this position, and roughly 5 million across the EU. These are not fringe operators. They are the institutions that hold the most sensitive data in the economy.&lt;/p&gt;

&lt;p&gt;The drivers are specific and well documented. The Prudential Regulation Authority sets model risk expectations under SS1/23. UK GDPR governs special category data. The NHS Data Security and Protection Toolkit binds anyone touching patient records. The EU AI Act places high-risk classification on exactly the systems these firms want to build. ITAR and EAR govern defence and dual-use technology. The NIS Regulations cover critical infrastructure. And the US CLOUD Act means that data held by an American hyperscaler can be reached by a foreign government regardless of where the servers physically sit. For a firm bound by any one of these, a public cloud AI tenancy is not a bargain to be negotiated. It is a door that is legally shut.&lt;/p&gt;

&lt;p&gt;We built Mickai for the organisations standing on the wrong side of that door. When the intelligence runs on the customer's own hardware, air gapped, with no egress, the legal objection does not need to be managed. It simply does not arise.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F622v4bq80dur7ibackk8.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F622v4bq80dur7ibackk8.png" alt="Own It, Do Not Rent It: Sovereign Intelligence for the Regulated Enterprise" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What we actually run
&lt;/h2&gt;

&lt;p&gt;Underneath the operating system we run about fifty specialist models, twenty-five domain and twenty-five operational, with cross-model routing under a deterministic arbiter. That last point matters more than it may first appear. Determinism means outputs are reproducible. Ask the same question of the same state twice and you get the same answer, which is precisely what a regulator, an auditor or a court expects and precisely what a probabilistic cloud endpoint cannot promise. We refer only to our own models, the sovereign models, trained and held for this purpose.&lt;/p&gt;

&lt;p&gt;The capabilities are organised into studios, each named from Greek myth and each doing serious, narrow work. Nemesis handles fraud and anti money laundering. Plutus covers finance and FP&amp;amp;A. Tyche does underwriting. Prometheus does forecasting. Iris runs customer service. Nomos handles compliance, Astraea covers legal, and Panacea covers clinical work. Pythia delivers business intelligence, Aletheia handles audit, and Vinis provides voice. The Agentic Marketing Team runs marketing operations, Trust Agent holds the perimeter, and we offer OAR-as-a-Service for organisations that want the audit substrate on its own.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F45kvbfys4bqt9rnvle2m.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F45kvbfys4bqt9rnvle2m.png" alt="Own It, Do Not Rent It: Sovereign Intelligence for the Regulated Enterprise" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Proof you can verify without trusting us
&lt;/h2&gt;

&lt;p&gt;Ownership is only half the promise. The other half is proof. Every consequential action inside Mickai is written to the Open Audit Record. Each entry is signed under post-quantum cryptography, FIPS 204 ML-DSA-65 with ML-KEM-768, and hash-chained into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting the vendor. Read that clause again, because it inverts the usual relationship. We are not asking a regulated buyer to take our word for what the system did. We are handing them a record they can check themselves, cryptographically, long after any commercial relationship has ended.&lt;/p&gt;

&lt;p&gt;For deployments that span multiple sites or fielded units, Pantheon extends the same guarantee across nodes. It is a post-quantum Layer 1, currently on testnet, that provides multi-node attestation with no central server. Each unit can attest to the others without a coordinating authority in the middle, which is the property you need when the whole point is that no single controller sits above the estate.&lt;/p&gt;

&lt;h2&gt;
  
  
  The intellectual property position
&lt;/h2&gt;

&lt;p&gt;We have filed 104 UK patent applications, comprising roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. We are precise about that distinction because it matters. Filing establishes priority and builds a prior-art moat. It fixes the date and stakes the ground. We do not claim more than the filing gives us, and we do not need to.&lt;/p&gt;

&lt;h2&gt;
  
  
  Two buyers, one stack
&lt;/h2&gt;

&lt;p&gt;There are two ways to reach the regulated market, and we pursue both. The first is direct: we sell sovereign AI to the firms the public cloud cannot lawfully serve. The second is by licence: we make the patented stack available to the platforms that want to reach those same firms and currently cannot. A platform that adds a sovereign layer to its offering reaches, in a single step, the regulated market it is otherwise legally barred from serving. That is a plain statement of where the value sits.&lt;/p&gt;

&lt;p&gt;Our internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, and the names in that set include Microsoft, AWS, NVIDIA, Google, Adobe and IBM. We are careful about what that is and is not. It is potential-licensee sizing, a map of where our patent families touch existing product lines. It is not a signed book of business and it is not an infringement claim against anyone. We position ourselves as an ally to the AI majors, not as an adversary. The public cloud does extraordinary things for the markets it can serve. We serve the markets it cannot, and we make it possible for the majors to follow.&lt;/p&gt;

&lt;h2&gt;
  
  
  The market we are building into
&lt;/h2&gt;

&lt;p&gt;The sovereign AI market sits at roughly USD 40 billion in 2025 and is projected to reach about USD 148 billion by 2032. That trajectory is not driven by fashion. It is driven by the regulatory drivers above, each of which tightens rather than loosens over time. As the EU AI Act phases in, as model-risk supervision matures, and as data-sovereignty enforcement grows teeth, the population of organisations that must own rather than rent their intelligence expands. We are built for that population, and we are already deployable to it.&lt;/p&gt;

&lt;h2&gt;
  
  
  The company
&lt;/h2&gt;

&lt;p&gt;Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO. We build the operating system, the models, the audit substrate and the attestation layer as one coherent stack, because sovereignty that is only partial is not sovereignty at all.&lt;/p&gt;

&lt;p&gt;The message to a regulated buyer is simple. You should own the intelligence that touches your most sensitive data, run it inside your own walls, and hold a record of what it did that you can verify yourself, without trusting anyone. That is what we built. You do not rent it. You own it.&lt;/p&gt;

&lt;p&gt;Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does Mickai really run with no connection to the public cloud?
&lt;/h3&gt;

&lt;p&gt;Yes. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. The system is designed to be useful without any outbound connection, which is what makes it lawful for firms that cannot send data offsite.&lt;/p&gt;

&lt;h3&gt;
  
  
  What does it mean that the patents are filed rather than granted?
&lt;/h3&gt;

&lt;p&gt;We have 104 filed UK patent applications, roughly 2,340 claims across 13 families, owned by Mickai LTD. Filing establishes priority and a prior-art moat: it fixes the date and stakes the ground. We describe them as filed, never granted, because that is the accurate position.&lt;/p&gt;

&lt;h3&gt;
  
  
  How can an auditor trust the record without trusting Mickai?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  Every consequential action is signed under post-quantum cryptography (FIPS 204 ML-DSA-65 with ML-KEM-768) and hash-chained into an append-only ledger. Anyone can verify that ledger offline, for decades, without trusting the vendor. The proof stands on its own cryptography, not on our assurances.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/own-do-not-rent" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/own-do-not-rent&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>sovereignai</category>
      <category>regulatedenterprise</category>
      <category>datasovereignty</category>
      <category>postquantumaudit</category>
    </item>
    <item>
      <title>The Open Audit Record, Explained</title>
      <dc:creator>Micky Irons</dc:creator>
      <pubDate>Thu, 02 Jul 2026 01:35:23 +0000</pubDate>
      <link>https://dev.to/mickai/the-open-audit-record-explained-297c</link>
      <guid>https://dev.to/mickai/the-open-audit-record-explained-297c</guid>
      <description>&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Futnrddbz5p4qqmfaw0ra.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Futnrddbz5p4qqmfaw0ra.png" alt="The Open Audit Record, Explained" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;By Micky Irons, founder of Mickai.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What the Open Audit Record is
&lt;/h2&gt;

&lt;p&gt;We built the Open Audit Record because the hardest question a regulated firm faces after an AI decision is not what the model produced, but whether anyone can prove, later and independently, what actually happened. Logs can be edited. Vendors can be acquired, wound down, or breached. A screenshot proves nothing to a regulator two years after the fact. So we made the record itself the primitive, and we made it survive us.&lt;/p&gt;

&lt;p&gt;Every consequential action taken inside our system is signed under post-quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768 for key establishment) and hash-chained into a tamper-evident, append-only ledger. The chain is the point. Each entry commits to the one before it, so a single altered record breaks every link that follows. Anyone holding the ledger can verify it offline, for decades, without trusting us and without calling home to a server. We designed the OAR so that our own good behaviour is not something you have to take on faith. You can check it.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fd8oqbwv863k468imidqm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fd8oqbwv863k468imidqm.png" alt="The Open Audit Record, Explained" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Why signed logging is not enough
&lt;/h2&gt;

&lt;p&gt;Most audit trails are a database table with write access. Whoever controls the table controls the truth, and that includes the vendor. The moment your evidence depends on the continued cooperation of a supplier, you do not have evidence, you have a promise. Regulators know this, which is why model-risk and data-protection regimes increasingly ask not just what a system did, but how the record of it can be trusted.&lt;/p&gt;

&lt;p&gt;We answer that with three properties that hold together. The record is append-only, so nothing can be quietly removed. It is hash-chained, so nothing can be silently altered without detection. And it is signed with post-quantum keys, so the signatures remain sound against the class of attacks that will render today's classical cryptography readable in the coming decade. A record that is verifiable today but forgeable in fifteen years is not an audit record, it is a liability with a delay on it. We chose ML-DSA-65 and ML-KEM-768 precisely because a compliance ledger has to outlive the cryptographic era it was written in.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fq4mlbwmbf235hbv3z96l.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fq4mlbwmbf235hbv3z96l.png" alt="The Open Audit Record, Explained" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  How the OAR works in practice
&lt;/h2&gt;

&lt;p&gt;We run about fifty specialist models, twenty-five domain and twenty-five operational, with cross-model routing under a deterministic arbiter. Determinism matters here for a reason that is easy to miss. Because the arbiter is deterministic, the same inputs produce the same outputs, so an entry in the ledger is not just a note that something happened, it is a reproducible claim. An auditor can take the recorded inputs, replay them, and get the recorded result. The OAR captures the decision, the model path, and the arbitration, and binds them into the chain so the reconstruction is exact rather than approximate.&lt;/p&gt;

&lt;p&gt;Because everything runs on your own hardware, on premises and air-gapped, the record is generated where the work happens and never leaves your walls. There is zero data egress and no public cloud round trip. The ledger is yours from the first byte. We do not hold a copy you have to request, and there is no vendor-side store to subpoena, breach, or lose. If a fielded unit needs to prove its record against others, our Layer 1, Pantheon, provides multi-node attestation across units with no central server. Pantheon is on testnet today, extending the same offline-verifiable guarantee from one machine to many.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fj1rdoqr1s9ut8d2c2kt0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fj1rdoqr1s9ut8d2c2kt0.png" alt="The Open Audit Record, Explained" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  OAR-as-a-Service, and the studios it sits under
&lt;/h2&gt;

&lt;p&gt;The OAR is not a bolt-on. It runs beneath every studio we ship, so the evidence is a by-product of the work rather than a separate reporting exercise. Nemesis handles fraud and AML, Plutus covers finance and FP&amp;amp;A, Tyche does underwriting, Prometheus does forecasting, Iris runs customer service, Nomos handles compliance, Astraea covers legal, Panacea is clinical, Pythia is business intelligence, and Aletheia is audit itself. Vinis carries voice, the Agentic Marketing Team runs growth, and Trust Agent holds the perimeter. Each one writes to the same signed ledger, which means an investigator looking at a fraud alert, an underwriting call, and the compliance check around them reads a single continuous chain of custody rather than three disconnected systems.&lt;/p&gt;

&lt;p&gt;We also offer OAR-as-a-Service for teams that want the record layer around processes we did not build, so the same post-quantum, offline-verifiable guarantee can wrap a wider estate. The naming across our studios is drawn from Greek myth. The function underneath is deliberately unglamorous, which is how compliance infrastructure should be.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who legally cannot use the alternative
&lt;/h2&gt;

&lt;p&gt;There is a large market of organisations that cannot lawfully send their data to public cloud AI, and for whom a verifiable local record is not a preference but a requirement. Around 0.85 million UK businesses, roughly 15 percent, sit in that position, and roughly 5 million do across the EU. The reasons are concrete. PRA model-risk expectations under SS1/23 ask firms to evidence and govern the models they rely on. UK GDPR special category data and the NHS Data Security and Protection Toolkit constrain where sensitive records may be processed. The EU AI Act places high-risk systems under strict documentation and traceability duties. ITAR and EAR, the NIS Regulations, and the US CLOUD Act all bear on where data may sit and who can compel access to it.&lt;/p&gt;

&lt;p&gt;For a firm inside any of those regimes, an audit record that lives on someone else's infrastructure, verifiable only while that supplier stays in business, is a structural weakness. The OAR removes the dependency. The evidence is local, self-verifying, and durable, which is exactly the posture those rules were written to require. This is the wider context in which we build. The sovereign AI market was roughly USD 40 billion in 2025 and is projected to reach about USD 148 billion by 2032, and the regulatory drivers behind that growth are the same ones that make the OAR necessary rather than optional.&lt;/p&gt;

&lt;h2&gt;
  
  
  The record as a moat, for us and for a platform
&lt;/h2&gt;

&lt;p&gt;We hold 104 filed UK patent applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. Filing establishes priority and a prior-art moat around the architecture, including the way the OAR binds post-quantum signing, hash-chaining, and deterministic arbitration into a single verifiable record. Our thesis is dual-buyer by design. We sell sovereign AI to the regulated firms the public cloud cannot lawfully reach, and we license the patented stack to the platforms that want to reach them. Internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, a group that includes Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential-licensee sizing, not a signed book and not an infringement claim. We are an ally to the AI majors, not an adversary of them. A platform that adds a sovereign, self-verifying record layer instantly becomes lawful for a market it cannot serve today, and that is a capability worth having on the right side of the ledger rather than the wrong one.&lt;/p&gt;

&lt;h2&gt;
  
  
  Where this leaves a regulated buyer
&lt;/h2&gt;

&lt;p&gt;The Open Audit Record turns compliance from a narrative you assert into a fact anyone can check. It runs inside your walls, on your hardware, with no egress, and it produces evidence that outlives cryptographic eras, vendor relationships, and the vendor itself. Mickai LTD is a UK company, Companies House 17166618, with Birmingham manufacturing secured, founded and led by Micky Irons. We built this to be verified, and we would rather you verified it than believed it. Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at &lt;a href="mailto:micky@mickai.co.uk"&gt;micky@mickai.co.uk&lt;/a&gt; or on LinkedIn.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does the OAR require trusting Mickai to be honest?
&lt;/h3&gt;

&lt;p&gt;No. The ledger is append-only, hash-chained, and signed under post-quantum cryptography, and it can be verified offline by anyone holding it. Verification does not depend on us being present, cooperative, or even still in business, which is the property that makes it useful as evidence.&lt;/p&gt;

&lt;h3&gt;
  
  
  Why post-quantum cryptography for an audit log?
&lt;/h3&gt;

&lt;p&gt;A compliance record has to remain trustworthy for many years, often longer than classical cryptography is expected to stay secure. We sign with FIPS 204 ML-DSA-65 and use ML-KEM-768 so the record stays sound against future attacks. An audit trail that becomes forgeable partway through its retention period would fail exactly when it is needed.&lt;/p&gt;

&lt;h3&gt;
  
  
  Can the OAR cover systems Mickai did not build?
&lt;/h3&gt;

&lt;h2&gt;
  
  
  Yes. Through OAR-as-a-Service, the same signed, offline-verifiable record layer can wrap processes beyond our own studios, so a wider estate inherits the same tamper-evident chain of custody rather than a patchwork of separate logs.
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Written by Micky Irons, founder of Mickai. Originally published at &lt;a href="https://mickai.co.uk/articles/open-audit-record-explained" rel="noopener noreferrer"&gt;https://mickai.co.uk/articles/open-audit-record-explained&lt;/a&gt;. More from Mickai at &lt;a href="https://mickai.co.uk" rel="noopener noreferrer"&gt;mickai.co.uk&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>openauditrecord</category>
      <category>postquantumcryptogra</category>
      <category>sovereignai</category>
      <category>regulatedenterprise</category>
    </item>
  </channel>
</rss>
