By Micky Irons, founder and CEO of Mickai.
There is a species of mathematics that behaves like a secret kept in the open. You hand a machine a locked box of numbers, it performs arithmetic on the contents without ever opening the box, and it hands back a locked box holding the answer. The machine learns nothing. It never sees the data it worked on. This is homomorphic encryption, and for regulated organisations it is one of the most consequential ideas in modern cryptography, because it dissolves the oldest trade-off in computing: to process data, you no longer have to expose it.
For decades that trade-off was treated as a law of nature. Encryption protected information at rest and in transit, then surrendered it at the moment of use, because computation demanded plaintext. Homomorphic encryption breaks that assumption. Married to a sovereign intelligence operating system that runs on hardware the customer owns, it becomes far more than a laboratory curiosity. It becomes a way to keep data concealed for its entire life, to run owned brains against it, and to sign every result so that trust never rests on faith.
Nyx and the arithmetic of the concealed
Nyx was the Greek goddess of night, born of Chaos, so ancient and so powerful that Zeus himself feared to cross her. She was not darkness as absence. She was darkness as substance, a veil under which things happened that the day could not witness. Homomorphic encryption is arithmetic performed under exactly that veil. The computer processes what it cannot perceive.
In practical terms, a fully homomorphic encryption scheme (FHE) supports both addition and multiplication on encrypted values, and from those two operations you can build any computation at all. A neural network is, at bottom, a very long sequence of additions and multiplications. So in principle an owned brain can run inference against encrypted inputs and produce an encrypted verdict, and at no point in that pipeline does any plaintext exist for an operator, an insider, or an intruder to steal. The night holds. Nothing is witnessed.
Like Erebus, the primordial dark, homomorphic encryption lets a machine work on what it can never witness.
Why the regulated boundary demands it
Consider the industries that live under the strictest law: banks under Basel and the Markets in Financial Instruments Directive (MiFID II), hospitals under the Health Insurance Portability and Accountability Act (HIPAA), defence contractors under the International Traffic in Arms Regulations (ITAR), any European operation under the General Data Protection Regulation (GDPR) and the EU AI Act, financial firms under the Digital Operational Resilience Act (DORA). For all of them the central anxiety is the same. Sensitive data must be processed, but every place it is processed becomes a place it can leak, be subpoenaed, or be quietly copied.
Homomorphic encryption reframes the whole question. If the data is never decrypted during processing, then the processing environment no longer needs to be trusted with the secret. The threat surface does not shrink; it moves. This is precisely the boundary the public cloud cannot cross on the customer's own terms, because in a shared-tenancy model the operator ultimately holds the keys to the environment. The regulated organisation wants the opposite arrangement: to keep the keys, keep the data dark, and still get the answer.
The cost of the veil, and how it is paid
Honesty matters here, so we will not pretend the mathematics is free. Computing on ciphertext is far heavier than computing on plaintext, historically by orders of magnitude, because every encrypted number carries noise that grows with each operation and must be periodically refreshed. That overhead is why homomorphic encryption spent years confined to research. What changed is that the schemes matured, the noise-management techniques improved, and, crucially, the hardware the customer owns grew powerful enough to absorb the cost.
Themis holds the line of law, as the regulated boundary demands data be processed without ever being exposed.
The sovereign design decision is to treat homomorphic encryption not as a blanket applied to everything but as a scalpel applied to the most sensitive fields: the identifiers, the medical readings, the trade positions, the classified coordinates. Less sensitive computation runs in the clear inside an already air-gapped enclave, and the crown-jewel values stay encrypted end to end. The veil is drawn where it earns its cost, and the customer chooses where that line falls, because it is their hardware and their policy.
Concealed data is only half the promise
A subtle danger lurks in any privacy technology: it can protect the data while quietly betraying you about what was done with it. Homomorphic encryption hides the inputs, but it says nothing on its own about which brain ran, whether that brain was authorised, or whether the encrypted answer you received is the answer the sanctioned process actually produced. Concealment without accountability is only half a boundary, and the missing half is where real breaches hide.
So the concealment must be welded to attestation. In our architecture every action carries an Operation Attestation Record (OAR) that is signed before the action executes, not after. The record names the brain, the operator, the policy in force, and the shape of the operation, and it is committed to a tamper-evident, cryptographically-signed audit ledger built from SHA-3-512 hash-linked chains. Homomorphic encryption keeps the data dark; the ledger keeps the story honest. You get privacy and provenance in the same motion, rather than trading one for the other.
Atlas bears the sky as owned hardware bears the heavy cost of computing on the concealed.
Owned brains, owned keys, and the post-quantum horizon
None of this works if the intelligence itself is rented. A brain that phones home, that streams telemetry to a distant operator, or that can be silently updated from outside the boundary defeats the entire purpose of computing in the dark. Our brains are owned and revocable. They run inside the customer's estate, air-gapped or on-premise, with zero data egress, and a high-stakes action can be gated behind multi-brain plus voice-biometric approval so that no single component and no single person can act alone.
There is one more horizon to name. A great deal of data encrypted today will still be sensitive when large-scale quantum computers arrive, and adversaries are already harvesting ciphertext to decrypt later. Sovereign design has to reach past today's threat. That is why the attestation layer signs with post-quantum signatures, specifically the Federal Information Processing Standard 204 (FIPS 204) ML-DSA-65 scheme, and why verification can be performed entirely offline. The concealment is future-proofed, and the proof of what happened survives the arrival of the machines that would break weaker cryptography.
A capability, filed and framed
This is not a slide of aspirations. The techniques described here, computing on concealed data, binding it to owned and revocable brains, and sealing each action in a signed and hash-linked record, sit among the capabilities we have set out across 104 filed UK patent applications, comprising about 2,340 claims and owned by Mickai LTD. We describe them by what they do rather than by any grant, because the point of a patent in a sovereign system is to describe a capability precisely enough that a regulator, an auditor, or an adversary can all read the same unambiguous account of it.
Mnemosyne keeps every memory unbroken, as a hash-linked ledger seals each action in a chain that cannot be rewritten.
The bottom line
Homomorphic encryption ends the ancient bargain in which processing meant exposure. On its own it is a beautiful piece of mathematics with a demanding bill. Inside a sovereign intelligence operating system it becomes something a regulated organisation can actually stand behind: data that stays concealed for its whole life, brains that stay owned and revocable, keys that stay in the customer's hands, and records that are signed before they run and verifiable long after the quantum era begins. The cloud giants remain allies at a different layer. What we hold is the dark boundary they cannot cross, and under Nyx's veil the arithmetic still comes out right.
Written by Micky Irons. Originally published at https://mickai.co.uk/articles/homomorphic-encryption-and-sovereign-ai. More from Micky Irons and Mickai at mickai.co.uk.





Top comments (0)