By Micky Irons, founder of Mickai.
The record has to outlive the vendor
Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. That sentence is a design commitment, not a slogan, and post-quantum cryptography sits underneath every part of it. We did not add signatures late, as a compliance veneer over a cloud product. We built the operating system so that the proof of what it did survives longer than the hardware it ran on, longer than the staff who operated it, and longer than the company that shipped it.
For a regulated buyer, that is the whole question. A bank, an insurer, a hospital, or a defence supplier does not only need an answer from a model. It needs to be able to show, years later, to a regulator or a court, exactly what was decided, on what inputs, under which model version, and to prove that the record has not been altered since. Most AI systems cannot do this. We treat it as the first requirement, and we meet it with cryptography that is expected to hold even against a quantum adversary.
What post-quantum from the ground up actually means
We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no vendor endpoint to trust and no telemetry leaving the building. That constraint changes how you have to think about audit. If you cannot phone home, you cannot lean on a provider's dashboard to tell you what happened. The proof has to live locally and stand on its own.
So every consequential action inside Mickai is written to the Open Audit Record. The OAR signs each action under post-quantum cryptography, using the FIPS 204 ML-DSA-65 signature scheme with ML-KEM-768 for key encapsulation, and hash-chains it into a tamper-evident, append-only ledger. Anyone can verify that ledger offline, for decades, without trusting us. Break the chain at any point and the verification fails and tells you where. This is the difference between a log, which is a story a system tells about itself, and a record, which is a mathematical object that either verifies or does not.
We chose the post-quantum schemes deliberately. Regulated records have long lives. A decision signed today may need to be defensible in fifteen or twenty years, and an adversary who cannot break a signature now may be able to break yesterday's signature later. Classical signatures leave that door open. Building on the standardised post-quantum algorithms closes it, which is why we treat post-quantum as the floor of the architecture rather than a future upgrade.
Reproducible by design, not by luck
An audit trail is only worth signing if the thing it records is stable. We run about fifty specialist models, twenty five domain and twenty five operational, with cross-model routing under a deterministic arbiter. The arbiter decides which models handle a request and in what order, and it does so deterministically, so the same inputs produce the same outputs and the same routing path. Reproducibility is not an aspiration we hope holds under load. It is a property of how the system is wired, and it is what makes a signed record meaningful. A record of a non-deterministic process proves only that something happened once.
We keep the sovereign models on the customer's hardware alongside everything else. They are ours, tuned for the work, and they never leave the premises. The point of the arbiter is that a regulated firm can reconstruct any decision from first principles: the inputs, the models, the routing, and the signed output, all held locally and all verifiable without us in the loop.
The studios that do the work
On top of this substrate we run a set of studios. The names are drawn from Greek myth and the functions are entirely serious. Nemesis handles fraud and anti-money-laundering. Plutus covers finance and FP&A. Tyche does underwriting. Prometheus does forecasting. Iris runs customer service. Nomos handles compliance and Astraea handles legal. Panacea is clinical. Pythia is business intelligence. Aletheia is audit. Vinis is voice. The Agentic Marketing Team runs marketing operations, and Trust Agent is the perimeter that guards the whole estate. We also offer OAR-as-a-Service, so the signed-record capability can be applied to workloads beyond the studios themselves.
Every one of these studios writes to the same Open Audit Record. A fraud decision, an underwriting call, a compliance check, and a clinical inference are all signed and chained the same way. That uniformity matters to an auditor. There is one evidence model across the estate, not a dozen bespoke logs that each have to be argued about separately.
Attestation across many nodes
Air-gapped units still need to agree on what is true across a fleet. Pantheon, our post-quantum Layer 1, now on testnet, provides multi-node attestation across fielded units with no central server. Each unit can attest to the others, so an organisation running many sites can establish a shared, verifiable view of state without routing anything through a central authority and without opening a path off the premises. The same post-quantum discipline that protects a single record protects agreement between nodes.
The intellectual property behind it
We have filed 104 UK patent applications, comprising roughly 2,340 claims across 13 invention families. They are owned by Mickai LTD, and the named inventor is Mickarle Sean Junior Wagstaff-Irons. These are filed applications, not granted patents. We are precise about that because it matters: filing establishes priority and builds a prior-art moat around the architecture, the audit record, the arbiter, and the attestation layer. It marks the ground. The families track the system itself, so the protection and the product describe the same thing.
Mickai LTD is a UK company, Companies House number 17166618, with manufacturing secured in Birmingham. Micky Irons is founder and CEO. We build hardware and software together because sovereignty is meaningless if you do not control the box the system runs on.
Why the market has no cloud answer
The sovereign AI market was roughly USD 40 billion in 2025 and is expected to reach about USD 148 billion by 2032. The demand is not driven by preference. It is driven by law. Around 0.85 million UK businesses, about 15 percent, and roughly 5 million across the EU, legally cannot send their data to public cloud AI. The reasons stack up quickly: PRA model-risk expectations under SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high-risk classification, ITAR and EAR export controls, the NIS Regulations, and the US CLOUD Act.
Read together, these rules describe a large population of firms that need modern AI and are forbidden from using the way it is usually delivered. A signed, reproducible, air-gapped operating system is not a nicer option for these buyers. It is the only lawful one. Post-quantum audit is what lets them adopt AI and still satisfy a regulator who will ask, later, to see the proof.
An ally, sold two ways
We take our capability to market on a dual-buyer thesis. First, we sell the sovereign operating system directly to regulated firms the public cloud cannot lawfully reach. Second, we license the patented stack to the platforms that want to reach those same firms and cannot, today, because the workloads must stay on premises and provably so.
Our internal analysis maps 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. We are careful about what that is. It is potential-licensee sizing, not a signed book of business and not an infringement claim. We are an ally to the AI majors, not an OpenAI killer. A platform that adds a sovereign, provable layer to its offering instantly reaches a regulated market it cannot serve today, and the audit record is the piece that makes that reach defensible rather than merely marketed. That value is available to a partner without either side having to pretend the regulatory wall does not exist.
Where this leaves a regulated buyer
The promise is narrow and testable. Run modern AI inside your own walls, with nothing leaving the building. Get the same output for the same input every time, because a deterministic arbiter routes across our models. Keep a signed, hash-chained record of every consequential action, protected by post-quantum cryptography, that you can hand to an auditor and that they can verify offline, for decades, without trusting us. That is what post-quantum from the ground up buys you, and it is live today rather than on a roadmap. Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at micky@mickai.co.uk or on LinkedIn.
Is the Open Audit Record really verifiable without trusting Mickai?
Yes. The OAR is an append-only, hash-chained ledger where each consequential action is signed under FIPS 204 ML-DSA-65 with ML-KEM-768. Verification is a local, offline operation against the public verification keys. Any alteration breaks the chain and the check fails at the point of tampering, so a regulator or auditor can confirm integrity for decades without a live connection to us.
Why post-quantum rather than standard signatures?
Regulated records have long lifetimes. A decision signed today may need to be defensible in fifteen or twenty years. An adversary who cannot break a classical signature now may be able to later, which would retroactively undermine old records. Building on the standardised post-quantum schemes protects the record against that future, which is why we treat it as the foundation rather than an upgrade.
Does this run without any cloud connection at all?
It does. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. The sovereign models, the deterministic arbiter, and the Open Audit Record all operate locally, and Pantheon provides multi-node attestation across fielded units with no central server, so a multi-site organisation can share a verifiable view of state without anything leaving the premises.
Written by Micky Irons, founder of Mickai. Originally published at https://mickai.co.uk/articles/post-quantum-from-the-ground-up. More from Mickai at mickai.co.uk.




Top comments (0)