DEV Community

Cover image for The Sovereign Layer and the Market the Public Cloud Cannot Reach
Micky Irons
Micky Irons

Posted on • Originally published at mickai.co.uk

The Sovereign Layer and the Market the Public Cloud Cannot Reach

The Sovereign Layer and the Market the Public Cloud Cannot Reach

By Micky Irons, founder of Mickai.

The market the public cloud cannot lawfully reach

Around 0.85 million UK businesses, about 15 percent of the total, legally cannot send their data to public cloud AI. Across the EU, that figure is roughly 5 million. These are not laggards waiting to modernise. They are banks, insurers, hospitals, defence suppliers and law firms bound by rules that make a public cloud round trip unlawful, uninsurable or both. The constraints are concrete: PRA model risk expectations under SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high risk classification, ITAR and EAR export controls, the NIS Regulations and the extraterritorial reach of the US CLOUD Act. Each one, on its own, is enough to keep sensitive workloads off shared infrastructure. Together they define a market that the largest AI platforms in the world are structurally unable to serve.

The sovereign AI market sits at roughly USD 40 billion in 2025 and is projected to reach about USD 148 billion by 2032. We built for the part of it that no amount of cloud capacity can address, because the problem is not compute. The problem is where the data is allowed to go.

The Sovereign Layer and the Market the Public Cloud Cannot Reach

What we are

Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no telemetry leaving the building, no model call crossing a border, no third party we ask the customer to trust with their most sensitive records. The regulated firm holds the hardware, the models and the audit trail. We are the operating system that makes them work together.

This is built and live today. It is not a concept, a roadmap or a pilot waiting for a reference customer. We run about fifty specialist models, twenty five domain and twenty five operational, with cross model routing under a deterministic arbiter, so that the same input produces the same output every time. Reproducibility is not a feature we bolt on for auditors. It is the property that lets a regulated buyer put the system in front of a supervisor and defend it.

The Sovereign Layer and the Market the Public Cloud Cannot Reach

Proof that outlives the vendor

Every consequential action inside the system is written to the Open Audit Record. Each entry is signed under post quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. Anyone can verify that ledger offline, for decades, without trusting us and without a live connection to anything we control. If Mickai LTD ceased to exist tomorrow, the record would still stand up in a hearing. That is the standard a regulated buyer actually needs, and it is the standard almost no cloud AI product can meet, because their proof of what happened lives on the vendor's servers under the vendor's control.

We offer the same mechanism on its own as OAR-as-a-Service, for firms that want verifiable, post quantum audit over systems they already run.

The Sovereign Layer and the Market the Public Cloud Cannot Reach

The studios

On top of the operating system we run a set of studios, each a named capability aimed at a specific regulated function. The names are drawn from Greek myth; the work is entirely serious. Nemesis handles fraud and AML. Plutus covers finance and FP&A. Tyche does underwriting. Prometheus runs forecasting. Iris handles customer service. Nomos covers compliance and Astraea covers legal. Panacea is clinical. Pythia is business intelligence and Aletheia is audit. Vinis is voice. The Agentic Marketing Team runs marketing operations, and Trust Agent is the perimeter that guards the whole estate. Each studio inherits the same guarantees: on device execution, deterministic routing and a signed entry in the Open Audit Record for every action that matters.

Across fielded units we run Pantheon, a post quantum Layer 1 currently on testnet, which provides multi node attestation with no central server. Each deployment can prove its state to the others without any of them phoning home to us. Sovereignty at the single site becomes sovereignty across an estate, and it does so without reintroducing the central dependency the whole design exists to remove.

The patent position

We hold 104 filed UK patent applications, comprising roughly 2,340 claims across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These applications are filed, not granted. We say so plainly, because filing is what matters at this stage: it establishes priority and builds a prior art moat around the specific architecture that makes on device, air gapped, auditable AI work. The families cover the operating system, the audit record, the routing arbiter and the attestation layer. They describe how the system is constructed, not merely what it does.

The dual buyer thesis

Our commercial model has two sides that reinforce each other. First, we sell the sovereign intelligence operating system directly to the regulated firms the public cloud cannot lawfully reach. Second, we license the patented stack to the platforms that want to reach those same firms and currently cannot. A platform that adds a sovereign, on device, auditable layer instantly becomes lawful in a market it is shut out of today. The two sides are not in tension. The direct sales prove the architecture in production; the licence makes that architecture available to everyone else on terms we set.

Our internal analysis maps 196 companies and 311 patent company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe and IBM. We are precise about what that is. It is potential licensee sizing based on where our filed families intersect with published architectures. It is not a signed book of business and it is not an allegation that anyone infringes anything. We are an ally to the AI majors, not an OpenAI killer. The largest platforms have the distribution and the customer relationships; we have the one thing that unlocks the regulated tier, which is a way to serve it lawfully. That is a partnership, not a war.

The company

Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO. We build the operating system, the studios and the audit layer, and we manufacture the units the software runs on. That vertical control is deliberate. When the promise is that data never leaves the building, the credibility of that promise depends on owning the stack from the silicon up to the ledger.

The strategic picture is straightforward. There is a large, legally defined market that the biggest AI companies cannot serve, a working operating system that serves it today, and a patent position that sits across the only route in. We built the layer that turns a regulated constraint into a served market, and we own the architecture that makes it work.

Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at micky@mickai.co.uk or on LinkedIn.

Is Mickai a live product or a roadmap?

It is built and live today. We run about fifty specialist models on the customer's own hardware, on premises and air gapped, with a signed audit record for every consequential action. It is in production, not in concept.

Why can regulated firms not simply use public cloud AI?

Rules including PRA SS1/23, UK GDPR special category data, the NHS Data Security and Protection Toolkit, the EU AI Act high risk classification, ITAR and EAR, the NIS Regulations and the US CLOUD Act mean roughly 0.85 million UK businesses and about 5 million across the EU cannot lawfully send their data to public cloud AI. We run entirely inside their walls, so the data never leaves.

What do the filed patents actually protect?

We hold 104 filed UK applications, roughly 2,340 claims across 13 invention families, owned by Mickai LTD. They are filed, not granted, which establishes priority and a prior art moat around the architecture of on device, air gapped, auditable AI, covering the operating system, the audit record, the routing arbiter and the attestation layer.

Written by Micky Irons, founder of Mickai. Originally published at https://mickai.co.uk/articles/sovereign-layer-hyperscaler-tam. More from Mickai at mickai.co.uk.

Top comments (0)