Folio I · Controlled beta

Encryption for data that stays
sensitive for years, not months.

Most teams skip application-layer encryption because getting key management right is hard. VellumGuard handles that — hybrid post-quantum crypto, key rotation, and an audit trail, as a hosted service. TypeScript SDK on npm. API live. Controlled beta.

NIST-standardized · ML-KEM-768 · ML-DSA-65 Hybrid by default · X25519 + post-quantum Beta · design-partner access
encrypt.ts
import { VellumGuard, HttpKmsClient } from "@vellumguard/sdk"; const kms = new HttpKmsClient({ baseUrl: "https://api.vellumguard.com", apiKey: process.env.VELLUMGUARD_API_KEY!, }); const vg = new VellumGuard({ kms }); // hybrid post-quantum, one call const sealed = await vg.encrypt({ data: "patient note: BP 120/80", recipient: "user_abc123", signAs: "user_abc123", }); const { data } = await vg.decrypt(sealed, "user_abc123");
The problem worth solving

A quantum computer doesn't have to exist yet to be a threat.

Encrypted data captured today can be stored and decrypted later — once quantum hardware arrives. If your records need to stay confidential for 10 years or more, you are already behind.

01

The standards landed

NIST published the post-quantum cryptography standards in 2024. Security questionnaires now ask for a migration plan. "We're looking into it" is no longer a complete answer.

02

The tools are brutal

Cloud KMS products don't support post-quantum yet. Rolling your own means choosing algorithms, building key distribution, managing rotation, and logging everything — before writing a line of your actual application.

03

The data is long-lived

Healthcare records, research data, AI training sets, government files — anything with a 10-plus-year sensitivity window is exactly what a future quantum adversary would target first. The encryption you apply today is what you will be relying on then.

Who uses VellumGuard

Built for records that can't expire.

Healthcare and research records

Encrypt patient notes, clinical records, or research data at the application layer. When quantum-resistant encryption becomes a regulatory requirement, you will have already shipped it.

SaaS products with tenant data

Add encryption to your product without building crypto infrastructure from scratch. Workspace-scoped API keys give each customer isolated key material and a separate audit log.

AI training and evaluation data

Training sets that include personal information, proprietary examples, or sensitive content need protection that holds up over the model's lifetime — not just during the training run.

Pre-compliance readiness

Start your post-quantum migration before the procurement questionnaire arrives. VellumGuard gives your security team something concrete to show while the standards are still being adopted.

Government and defense-adjacent systems

CNSA 2.0 requires post-quantum migration for national security systems by 2035. If your customers include federal agencies, you are already in scope. We support that planning work now.

Any application-level encryption need

If you have been meaning to encrypt a specific data class — messages, documents, model weights, financial records — and kept deferring because key management is hard, this is the direct path.

Field Guides

Practical ways teams use VellumGuard.

Short guides covering the problem, an example workflow, where VellumGuard fits, and what it does not replace — for each use case.

Healthcare and research records

Protect clinical, research, and patient-adjacent records that may remain sensitive for 10 or more years. Test application-layer encryption and post-quantum migration paths without replacing every system at once.

Not currently HIPAA compliant. No BAA is currently available.

Read guide →

SaaS application encryption

Add encryption, workspace-scoped API keys, identity-scoped authorization, and audit events to a SaaS product without building a key-management platform from scratch.

Read guide →

AI training and evaluation data

Protect sensitive datasets, embeddings, and evaluation payloads that require long-term confidentiality and clear access boundaries across teams and third-party contributors.

Read guide →

Government and defense-adjacent systems

Start post-quantum migration at the application layer now. CNSA 2.0 sets a 2035 deadline for national security systems. Building the implementation early reduces the scope of the larger migration.

Read guide →

CMMC-adjacent contractor workflows

For defense contractors, VellumGuard can support application-layer encryption, key-management discipline, and operational evidence within a broader security program. It does not make an organization CMMC compliant.

Not a CMMC compliance platform. Does not replace a C3PAO assessment.

Read guide →
Platform status

What's actually running today.

The API is live. The TypeScript SDK is on npm. The full key rotation lifecycle has been executed in production — not just documented.

Hosted KMS APILive · https://api.vellumguard.com
TypeScript SDKLive · @vellumguard/sdk on npm
Cloud KMS-backed DEK wrappingLive · Google Cloud KMS
DB-backed KEK registryLive · versioned, multi-DEK runtime
Production rewrap completedv1 → v2 identity-key rewrap executed
Old KEK retiredv1 logically retired; row preserved for audit
Audit & security eventsLive · startup, promote, rewrap, retire
Backup restore verifiedCloud SQL restore tested 2026-06-19
Uptime monitoringGCP uptime check on /healthz/
How it works

From plaintext to post-quantum in three steps.

Step i

Install the SDK, call encrypt

One npm install. Address encrypted data to your user IDs — not raw keys. The SDK calls the hosted KMS to resolve each identity's public key and returns a sealed ciphertext. No key bytes, no algorithm choices.

Step ii

Hosted KMS, Cloud KMS-backed keys

Private key blobs live encrypted in the VellumGuard database. DEKs are wrapped by Google Cloud KMS — the raw DEK never touches disk or logs. The KEK registry tracks active, rotated, and retired key versions for a full audit trail.

Step iii

Decrypt & audit

Recipients decrypt with one SDK call. Every encrypt, decrypt, key promotion, rewrap, and retire operation is recorded in the security and audit event log — a queryable, durable record your team can actually use.

Why VellumGuard

Cryptography you can defend in an audit — and a code review.

Hybrid by default

Every ciphertext is sealed with X25519 and ML-KEM-768. If either scheme is ever broken, the other still holds. You are never worse off than today's encryption.

NIST-standardized only

ML-KEM-768 (FIPS 203) and ML-DSA-65 (FIPS 204). No experimental schemes — exactly the algorithms an auditor expects to see named.

Your plaintext stays yours

Encryption and decryption happen in the SDK, on your infrastructure. VellumGuard's servers hold keys and metadata — never the data itself.

Open ciphertext format

The wire format is published with reference test vectors. Decrypt your data with any conforming implementation — no lock-in, no "what if they vanish."

Durable audit trail

Every authorization decision, key operation, and SDK call is recorded. Workspace- scoped API keys with identity-scoped authorization let you answer exactly who accessed what — and when.

Built on audited primitives

No home-grown cryptography. VellumGuard composes well-reviewed, open implementations — the boring choice, on purpose.

Under the hood

The v1 cryptographic suite.

Sensible, conservative defaults. The full ciphertext format specification is public — see the documentation.

Key encapsulationX25519 + ML-KEM-768
Digital signaturesEd25519 + ML-DSA-65
Symmetric cipherAES-256-GCM
Key derivationHKDF-SHA-256
Security levelNIST Level 3
DEK wrappingGoogle Cloud KMS · AES-256-GCM envelope
FormatVersioned · open spec · v1 base
SDKsTypeScript (live) · Python & Go (coming)
Key management

Key rotation is not a slideware feature.

The full lifecycle has been executed in production. Every step is audited. Old key rows are preserved — never deleted.

1. Generate & wrapFresh DEK generated, wrapped by Cloud KMS immediately
2. Register KEKNew version registered in the KEK registry (inactive)
3. Multi-DEK runtimeService loads v1 + v2 at startup; decrypts each row with its own DEK
4. Promotev2 promoted active; new identities encrypted with v2 DEK
5. Rewrap identitiesAll identity blobs re-encrypted v1 → v2 in audited batches
6. Retire old KEKv1 logically retired; DB row + wrapped DEK retained for forensics
Audit eventskey.kek.promoted · key.rewrap.* · key.kek.retired recorded
Beta readiness

What you're getting into — honestly.

VellumGuard is available for controlled beta and design-partner access. The platform is live and the key rotation lifecycle works end-to-end. The limitations below are real.

What is ready

The API is live at api.vellumguard.com. The TypeScript SDK is on npm. DEK wrapping is backed by Google Cloud KMS. The full key rotation lifecycle — generate, promote, rewrap, retire — has been executed end-to-end in production. Workspace-scoped API keys, identity-scoped authorization, and audit events are all working.

What is not ready yet

TypeScript SDK only (Python and Go coming). No developer portal or dashboard. No BYOK / customer-managed keys. No self-serve billing. Manual onboarding only. Not currently SOC 2 certified. Not currently HIPAA compliant. No BAA is currently available. No formal SLA during beta.

Data use

Use test or synthetic data during beta integration. Do not send PHI, PCI card data, or other regulated production data without a separate written data-handling agreement. Contact beta@vellumguard.com to discuss before sending regulated data.

Design partner program

Build with post-quantum encryption before you're asked to.

We are onboarding a small group of design partners. Healthcare, defense, long-lived-data, and AI training-data use cases prioritized. Beta is free unless otherwise agreed in writing. No charges without a written agreement before general availability.

Please do not submit PHI, regulated production data, API keys, passwords, or sensitive customer data through this form.
You can also contact us directly at beta@vellumguard.com.